Optus uses other brands such as OnePass mobile to provide its services and the Optus Privacy Policy as amended below applies to your use of a OnePass mobile service.
Our Privacy Policy's all about personal information - all the things we know about you. If you're a customer in Australia, it explains how we collect your personal information, what we do with it, and how it’s protected.
We collect personal information from you and in relation to your activities when it is reasonably necessary for a business purpose.
This means we collect it to supply you with the products and services you have asked for, and to provide you with the best possible service. Other reasons we collect personal information are to:
Generally, we collect personal information like your name, address, date of birth, gender, occupation, interests, location, contact details, payment details, financial information, and information about how and where you purchase and use our products. We may also collect the following information from you through your devices in connection with the provision of our Services. There are a few different ways we collect this information.
What we collect straight from you: Most of the personal information we collect, such as your name and address, we collect directly from you. For example, you might fill out a form online or in a store, or give it to one of our representatives on the phone. Of course, you can choose not to provide your personal information or may just want to deal with us anonymously. If this happens, we may not be able to provide you with the product you've asked for or give you the level of service you expect.
What we collect while you are with us: We also collect personal information and de-identified information during our relationship with you. For example, we may collect personal information:
We are authorised to collect information about the contents and substance of the communications we carry by Division 3, Part 13 of the Telecommunications Act 1997 (Cth).
All telecommunications providers, including Optus, now have an obligation to retain certain network data and customer information (called ‘metadata’) for a period of at least two years for use by criminal law enforcement agencies. Network data has always been collected so that we can run our network properly, and it is now being retained for two years to meet the government requirement. We also collect customer information and retain it for at least 2 years. Please consult Data retention Australian Government Department of Home Affairs for more information on what we are required to retain and why.
Optus and OnePass mobile websites and apps use cookies and other digital identifiers. These include:
Site performance identifiers: these give us information about how our websites or apps are used. If you access our services from a mobile or other device, this may include your device ID, device and software characteristics (such as type and configuration), geolocation data, and connection information.
Analytics cookies: we use these to gather statistics about our site and apps. For example, they help us monitor how many users are on the site or app, and what sections are most popular.
Advertising cookies: we use these cookies to improve our understanding of the kind of advertising that may be relevant to your aggregated segment.
We use cookies or digital identifiers for a number of purposes, including enabling targeted advertising.
It's important to know you can clear cookies or digital identifiers from your device and also disable future use of them by changing the security settings on your web browser or in apps. However, doing this might mean that parts of our websites and apps may not work as they should.
We also use system information arising from your use of our services for de-identified statistical analysis.
Other people or entities might give us personal information about you. For example, we might be given personal information by your employer if you use our business products, or by your parent or guardian if you are under 18.
We may also collect personal information from other companies that are able to disclose it to us, if it's not practical to collect it from you. For example, we buy or obtain personal information from trusted sources to help us identify people who might be interested in hearing about our products.
We will take reasonable steps to make sure you know we have your personal information, how we got it and how we'll handle it.
We collect some types of personal information to assess your credit situation when you apply for certain services. For more details, see the section on 'Credit-related information' further below.
The Optus Group may aggregate and process personal information and de-identified system information to generate new insights about our network, products and customers. An example of such an insight is that a particular type of phone plan is popular in a specific region of Queensland.
These insights are about overall patterns, and by applying privacy protection and aggregation techniques, the Optus Group ensures that these insights will not identify you.
We use these insights to make better business decisions, and to provide you with better products and services.
When we talk about sensitive information, we mean things like biometric information, such as your fingerprint or voiceprints. Sensitive information could also refer to details about your race, ethnicity, politics, religious or philosophical beliefs, sexual preferences, health, genetics or criminal record.
There may be times when you choose to provide us with your sensitive information. With your agreement, we might also collect biometric information for use with new technologies like voice or fingerprint recognition. This could happen as technology changes and evolves over time.
Remember, this kind of information will only be collected with your permission, and we will only use it for the purpose for which you provided it.
The Optus Group and Who We Work With
We may share your personal information within the wider Optus Group.
We also work with a number of other companies, and in certain circumstances may share personal information with them too.
Different companies within the Optus Group provide different services. The Optus Group includes our parent company Singtel, Singtel Optus Pty Ltd and their subsidiaries.
We sometimes team up with other companies to offer products. If you purchase a product that is delivered by one of our partners, we'll give them the personal information they need to provide it and manage their relationship with you.
In these circumstances, we have arrangements in place with our partners that limit their use or disclosure of your personal information to these purposes.
We work with third parties to provide some types of sales, business and customer support. They may have access to systems that include your personal information. These companies are subject to strict controls that protect your information from unauthorised use or disclosure, and limit their access to your personal information to the extent necessary to do their job.
Some of the parties mentioned above are located overseas, but again, we only give them secure access to the personal information they need to do their job. These overseas companies are involved in providing services like data storage, data analysis, targeted advertising and reporting, and customer and technical support, and they do it from countries like Singapore, India, the Philippines, USA, Canada, the European Union (including the UK), the Bailiwick of Jersey, Mexico, Malaysia, Japan, Israel and New Zealand.
We maintain effective control of your information at all times, including by ensuring that parties located overseas are subject to strict controls that limit access and subsequent handling of your information to the extent strictly necessary to perform the relevant function and protect your information from unauthorised use and disclosure. We do have different arrangements in place for some larger business customers.
Debt is way up there on the 'things absolutely no one likes' list.
In some circumstances, we may need to refer or sell overdue debts to debt collectors or other companies. If we do this, we'll give them secure access to the personal information they need to handle the debt.
We may also update credit reporting agencies about some types of payment defaults, although we'll always tell you before we do this.
Legal obligation and other privacy exceptions
We give access to personal information where we are permitted or obliged to do so by Australian law. For example, in some circumstances we will use or disclose personal information to react to unlawful activity, serious misconduct, or to reduce or prevent a serious threat to life, health or safety. We are obliged to cooperate with law enforcement bodies in some circumstances. We may disclose personal information, including information about phone calls and service use, when we receive an access request or warrant that is authorised under Australian law.
We give information about some of our telephone products to the Integrated Number Database, where it's used to do things like assist with the dispatch of emergency services. We may also provide your geolocation information directly to emergency services (i.e. ‘triple 0’) when you call them on your mobile.
Aside from the above, we will only disclose personal information to others if you've given us permission, or if the disclosure relates to the main reason we collected the information and you'd reasonably expect us to do so.
Everyone hates being bombarded with ads for things they don't need or have any interest in. We may use your personal information, or engage third parties who collect information about you from publicly available sources, to deliver advertising that is customised or more relevant to your interests, characteristics or general location. This doesn't necessarily mean you'll get more advertising. It just means that the advertising that you see will hopefully be more relevant to you.
In order to carry out targeted advertising to your aggregated segment, the Optus Group may build a user and/or device profile by:
The Optus Group may also work with third parties and use technologies that rely on cookies, to recognise visitors to our website, and better deliver targeted advertising.
Optus advertises by mail, phone, email, text and online via the internet and in apps. OnePass mobile may also advertise using these methods.
The Optus Group may work with other companies to advertise their products online. In order to do this, we may share aggregated information that doesn’t identify you, as well as your mobile device advertising identifier, to understand the type of audience these companies want to advertise to, and deliver the ad for them.
You can always control the use of our cookies and other similar technologies by clearing your cookies, or by using the do not track function on your browser. You can also reset your mobile device advertising identifier by using the settings in your device.
We'll make sure that any marketing emails, texts and letters we send you clearly tell you how to opt out, or you can tell our phone staff. You can opt out of receiving marketing emails and texts at any time by going to the My Info section of your Dashboard and unticking the SMS and email boxes in the Subscribe and unsubscribe to OnePass mobile marketing messages section. Please note that it can take us up to 5 days to update your preferences. You can also opt out of receiving online relevant advertising material at any time, usually by clicking on the Information Icon symbol displayed on an online ad.
When you opt out, you can choose to opt out of particular direct marketing, or all direct marketing, including advertising from OnePass mobile or Optus. Of course, there are some types of marketing we can't control on an individual basis, like general letterbox drops or online ads that are not targeted specifically to you.
We will continue our direct marketing activities with you until you opt out, even if you no longer have a service with us.
We might ask you for information about yourself and things like your employment details and credit history, and then seek a credit report from a credit reporting agency.
We'll always tell you before we seek a credit report, and we won't get one if you're under 18.
The credit report provided by a credit reporting agency may include information like your employment history, previous credit checks, any problems you've had paying bills and whether those issues were resolved. We use this information to assess whether we're entering into an arrangement that is sensible for both you and us.
After you become a customer, we store the crucial bits of information from the credit report and our own credit assessment. We may continue to use this information to manage credit, and to make sure we're offering and providing the right services to you.
We don't use credit related information to generate marketing lists. Sometimes, we might ask a credit reporting agency to do that for us. You can ask the credit reporting agency not to use your information for these purposes by getting in touch with them directly.
We work with customer service partners inside and outside Australia on credit related matters. Where necessary, we give our partners access to the credit information they need to help manage credit and your services.
You can get access to credit related information we hold about you, ask us to correct it, or make a complaint, as described elsewhere in this policy. If we agree that our records need to be corrected, and we've previously disclosed that information to a credit reporting agency or other person, we'll tell them about the correction too.
You can ask the credit reporting agencies not to use or disclose the information in their files if you think you have been or are likely to become a victim of fraud.
You can find out more about the credit reporting agencies we work with at www.veda.com.au and www.dnb.com.au. Their websites give their contact details and their policies about the management of your personal information.
Security is serious. We're committed to protecting your personal information.
Some of the security measures we use include:
Management of access privileges, to ensure that only those who really need it can see your personal information.
Ongoing training and security reviews.
These measures are robust, but security risks do change. We will remain vigilant in our efforts to protect your personal information.
We work with third parties to provide some types of sales, business and customer support. They may have access to systems that include your personal information. These companies are subject to strict controls that protect your information from unauthorised use or disclosure, and limit their access to your personal information to the extent necessary to do their job.
If you ask us, we will usually give you access to the personal information we hold about you. We will always confirm your identity before giving access to your personal information.
You can ask for access by calling us on 1300 222 825.
There are circumstances under Australian privacy laws where we may not give you access to the personal information we hold about you. For example, we can't give you access if it would unreasonably affect someone else's privacy or if giving you access poses a serious threat to someone's life, health or safety.
There is generally no cost for accessing the personal information we hold about you, unless the request is complex or resource intensive. If there is a charge, it will be reasonable and we will let you know what it is going to be so that you can agree to it before we go ahead.
We aim to keep the personal information we hold about you accurate, up-to-date and complete. If you think our records need to be corrected, please call us on 1300 222 825.
We encourage you to update your details with us so we can deliver better service to you, and so the others we work with (like emergency services) have access to the information they need to do their job.
We recognise that your personal information is important to you, so please let us know if you have any questions or concerns about this policy or our practices.
Phone: 1300 222 825
You can find out more about our complaint process and complaint handling policy at Legal policy. If you make a complaint about privacy, we will acknowledge receipt of your complaint, and try to investigate and respond to you within 30 days. If you are unhappy with the outcome, you can lodge a complaint with the Telecommunications Industry Ombudsman or the Office of the Australian Information Commissioner.
We'll amend this policy if our practices change. Details of recent amendments and the date they were made will be detailed below.