Privacy Policy

Zembl Pty Ltd and its related bodies corporate (we, our, us) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information – this includes existing and prospective customers of our Clients, potential and existing employees and contractors whom Zembl collects personal information from or is provided with such information from our Clients.  

We respect your rights under the Australian Privacy Act (1988)(Cth) (the Act) and we comply with all of the Act’s requirements in respect of the collection, use, management, disclosure, quality, security, access to and correction of your personal information.

When used in this Privacy Policy, the term “personal information” has the meaning given to it in the Australian Privacy Act (1988). In general terms, “personal information” means any information about an identifiable individual. This may include an individual or company name, address, ABN (Australian Business Number), A.C.N (Australian Company Number), telephone number/s, email address, account number/s, identification information, gender, identification details (if applicable) and State or Commonwealth concession card details.

It is important to appreciate that much of the personal information we collect and hold is done so by us when we act as the Service Provider of our Client/s. For example, we operate tele-service centre operations representing many Australian companies.

We may also collect information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous data or aggregated information about how users use our website/s. We do not re-identify this information to turn it into personal information.

If the information we collect personally identifies you, or you are reasonably identified from it, the information will be considered personal information.

We may collect the following types of personal information:

• Name;
• ABN;
• ACN;
• Drivers Licence details, including state or territory of issue;
• Medicare Card and expiry date;
• mailing and/or postal address;
• email address;
• facsimile number;
• date of birth;
• profession; occupation or job title;
• where you are an employee, your personnel records including your employment agreement, pay records, leave records, tax status, criminal record checks, superannuation records, training records, and performance and disciplinary records;
• where you are our customer, details of the products and services you have purchased from us or our Clients (on whose behalf we may provide products or services) or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries;
• banking payment details;
• details of your creditworthiness and credit history;
• in the case of websites, how you use the website and any information you enter on the website;
• any additional information relating to you that you provide to us directly through our website or indirectly through the use of our website/s or online presence/s, through our representatives or otherwise; and
• information you provide to us through our tele-service centre, customer surveys or visits by our representatives from time to time.

Personal information is only collected by lawful and fair means in accordance with the Act. We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:

• through your access and use of our website, or websites hosted by us;
• through your use of telephone and mobile communication devices;
• during conversations between you and our representatives;
• during correspondence between you and our representatives, including electronic communication/s; or
• when you complete an application, contract or purchase order.

We may also collect personal information from third parties who are not our Clients including, for example, from third party companies such as data provider and brokers, credit reporting bodies, law enforcement agencies and other government entities.

In some instances we may also collect your personal information through the use of cookies.

A cookie is a piece of information that allows the server to identify and interact more effectively with your device. The cookie assists us in maintaining the continuity of your browsing session (e.g. to maintain a shopping cart) and remembering your details and preferences when you return. It also enables us to keep track of products or services you view so that, if you consent, we can send you news about those products or services.

We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services.

Other technologies that may be used with Digital Services include web beacons (which may operate in conjunction with cookies), Flash local stored objects and JavaScript. Some of these cookies and other technologies are consistent across our digital services, allowing us and the other providers of these services to understand you better and provide a more consistent experience across these services.

You can configure your web browser to reject and delete cookies and block JavaScript but you may limit functionality of our services. You can control your preferences regarding Flash local stored objects at:

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Our systems record a variety of information in relation to interactions with our Digital Services. This can include information about software versions used, device identifiers (like IP address), location data (where available and not disabled by the user), dates, times, file metadata, referring website information, data entered and user activity such as links clicked.

If you do not provide us with the personal information described above, some or all of the following may happen:

• we may not be able to provide the requested products or services to you, either to the same standard or at all, or we may not be able to supply services to our Clients which will enable our Clients to do the same; or
• we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions, or we may not be able to supply services to our Clients which will enable our Clients to do the same; or
• we may be unable to tailor the content of our websites to your preferences, or we may not be able to supply services to our Clients which will enable our Clients to do the same; or
• if you are a Client of ours, we may not be able to provide you with the products and services you require; or
• if you are a prospective employee, we may not be able to employ you; or
• if you are our employee, it may be a breach of your employment conditions to not provide us with the information; or
• if you are a contractor to us, you may not be able to provide your services to us.

We collect personal information about you so that we can perform our business activities and functions and to provide best possible quality of customer service to you and to enable us to provide products and services to our Clients.

We collect, hold, use and disclose your personal information for the following purposes, in each case, either on our own behalf or when acting on behalf of a Client:

• to provide products and services to you and our Clients and to send communications requested by you and/ or our Clients;
• to answer enquiries and provide information or advice about existing and new products or services;
• to administer competitions;
• to provide you with access to protected areas of our websites;
• to assess the performance of our websites and to improve the operation of our websites;
• to conduct business processing functions including providing personal information to our related bodies corporate, Clients, contractors, service providers or other third parties;
• to provide AI-enabled features such as automated assistance, summarisation, drafting, categorisation and analytics;
• to improve service quality, security, fraud prevention and operational efficiency using automated tools;
• to conduct data analysis and processing using AI technologies;
• to optimise and personalise our services and your experience;
• to assess the provision of, and provide credit, to you;
• for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of Zembl, its related bodies corporate, Clients, contractors or service providers;
• to provide your updated personal information to our related bodies corporate, Clients, contractors or service providers;
• to update our records and keep your contact details up to date;
• to process and respond to any complaint made by you; and
• to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political subdivision of a country).

Where you are our employee, we may collect, hold, use and disclose your personal information for all purposes connected with our employment relationship. This includes hiring you, training you,administering your personnel records (including pay and leave records), and managing your performance.

We may also use your personal information for other purposes related to those described above, and/or for a purpose for which you would reasonably expect it to be used, as permitted by the applicable Act.

Except as provided below, your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy. We do not disclose personal information we obtain when acting on behalf of one client, to any other client, unless directed by the client.

Zembl sometimes handles personal information relying on exemptions under the applicable Act. Under the Australian Privacy Act 1988, these include exemptions in relation to

(i)employee records;

(ii)related bodies corporate;

(iii) provision of services to State or Territory authorities; and(iv) overseas operations relating to personal information of non-Australians.

Any permitted handling of personal information under such exemptions will take priority over this Privacy Policy to the extent of any inconsistency.

‍

Overview

Zembl uses automated systems and artificial intelligence (AI) to help deliver, support and improve our services, enhance security, quality assurance and internal business operations. Where we use AI, we aim to do so responsibly, transparently and in accordance with this Privacy Policy and the Australian Privacy Act 1988.

How we use AI

• AI may be used to assist with activities such as:
• summarising or drafting content
• categorising or routing enquiries
• analysing service quality and customer interactions  
• detecting fraud or security risks  
• supporting customer interactions and automated assistance
• conducting data analysis and processing
• improving and optimising our services and operations
• automating routine tasks and communications  
• personalising your experience with our services  

In most cases, AI is used as a decision-support tool and outputs are reviewed by appropriately trained personnel before being relied upon in customer-facing or high-impact contexts.

‍

Personal information and AI

Personal information may be input into AI-enabled tools (for example, text, documents, call recordings or survey responses). AI systems may also generate or infer information that relates to an identifiable individual, such as summaries, classifications, recommendations or inferred information. Where AI-generated or inferred information relates to an identifiable individual, it is treated as personal information and handled in accordance with this Privacy Policy, and you maintain all the rights outlined in this Privacy Policy.

‍

Automated decision-making

We do not rely solely on automated decision-making to make decisions that would significantly affect your rights or interests. Where automated tools are used to support decision-making, individuals may request human review of outcomes.

‍

Data protection and security

Where we use third-party AI service providers, we take reasonable steps to ensure those providers process personal information only for authorised purposes and in accordance with contractual, security and confidentiality obligations. We use appropriate technical and organisational measures to maintain the security and integrity of your personal information when processed by AI systems.

‍

Our commitments regarding AI

When using AI with your personal information, we commit to:

Transparency and control

• We will inform you when AI is used to make decisions that may significantly affect you
• We maintain human oversight and review of significant AI-generated decisions
• Our staff are trained to understand AI limitations and verify outputs before relying on them
• We implement processes to verify the accuracy of AI-generated outputs

‍

Security and accuracy

• We regularly test and monitor AI outputs for accuracy and reliability
• We use appropriate security measures to protect your personal information

‍

Risk mitigation

• We assess and document risks associated with using AI to process personal information
• We implement appropriate measures to address these risks
• We continuously monitor AI performance and regularly review their impact

‍

Training of AI models  

We do not use personal information to train publicly available or general-purpose AI models unless we have clearly disclosed this to you and have a lawful basis to do so. Where we use third-party AI service providers, we take reasonable steps to ensure those providers process personal information only for authorised purposes and in accordance with contractual, security and confidentiality obligations.

We may disclose your personal information to:

• our employees, related bodies corporate, Clients, contractors or service providers for the purposes of operation of our websites for our businesses, fulfilling requests by you, and to otherwise providing products and services to you and our Clients including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, auditors, solicitors, business advisors and consultants; suppliers, Clients and other third parties with whom we have commercial relationships, for business, marketing, credit reporting and related purposes; and/or
• any organisation for any authorised purpose with your express consent.

We may send you direct marketing communications and information about our products and services that we, or our Clients, consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Australian Spam Act 2003.

At any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list (or where we are using a mailing list provided by our Client, we will pass your request on to our client).

We do not provide your personal information to other organisations for the purposes of direct marketing (see also our use of cookies). However, where we are engaged by our Clients to act on their behalf in collecting personal information then we will pass that personal information on to our client.

At Zembl Pty Ltd, we value the feedback and reviews our customers provide as they help us improve our services and inspire others to take control of their energy solutions. By submitting a review or providing feedback, you grant Zembl Pty Ltd the right to share your comments publicly across our marketing channels unless you explicitly request otherwise.

If you prefer for your feedback to remain private and not be shared publicly, please contact us via email at hello@zembl.com.au after submitting your review or feedback. We will respect your request and ensure your comments are not featured publicly.

Your trust is important to us, and we are committed to being transparent about how we use customer feedback. Thank you for helping us grow and continuously improve.

Providing information

You can choose whether to provide personal information to us, however, if you don't provide certain information, we may not be able to provide some services. Let us know if you don't want to provide information and we will let you know when information is required versus optional.

You may request access to any personal information we hold about you at any time by contacting us (see the details below).

Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you).

We may charge you a fee to cover our administrative and other reasonable costs in making the information available to you and, if so, the fees will be $20 per hour of time spent. We will not charge for simply making the request and will not charge for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would unreasonably interfere with the privacy of others or would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to correct it. We will consider if the information requires correction. If we do not agree that there are grounds for correction then as required by the applicable Act we will, where requested by you, take reasonable steps to attach to or associate with the information a statement of the correction sought but not made, or a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

Step 1: Contact our privacy officer

Email: privacy@zembl.com.au

Phone: 1300 957 721

Post: Zembl: Privacy Officer, Level 6, 347 Kent Street, SYDNEY NSW 2000

What to include:

• Your full name, contact details, clear details about your request or complaint, and any relevant dates or reference numbers.

‍

Step 2: Our response

We will:

• Verify your identity before processing your request
• Investigate thoroughly (for complaints) or process your request (for rights)
• Respond to you in writing within reasonable timeframes and as required by law
• Explain what actions we will take and keep you updated on progress
• Not charge you for making a request (except for reasonable access fees if applicable)
• Help you understand and exercise your rights

‍

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

• Ask for a review by our senior management, or
• Contact external bodies:
• Australian residents: Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au)

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above. Some of our employees are located overseas.

Some AI and cloud-based service providers we use to support our operations may be located overseas. This may involve overseas disclosure of personal information as described above.

Except where specific individual consent has been obtained, we take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

We may disclose your personal information to entities located overseas, including the following:

• our related bodies corporate located in Australia, Philippines, Bangladesh, South Africa and the United Kingdom of Great Britain and Northern Ireland;
• our data hosting and other IT service providers, which may be located in the United States of America, Australia, New Zealand, Philippines, Hong Kong, Bangladesh, South Africa, Singapore, Japan, the United Kingdom of Great Britain and Northern Ireland, Sri Lanka, India and the European Economic Union;
• our Clients and their related entities located in foreign countries, to the extent that we are acting on their behalf or at their direction in using, storing, or collecting your personal information.

Applicable foreign countries include United States of America, Australia, Canada, New Zealand, Philippines, Hong Kong, Bangladesh, South Africa, the United Kingdom of Great Britain and Northern Ireland, Singapore, Japan, Sri Lanka and India.

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form.

Personal information is destroyed or de-identified when no longer required for any of the purposes for which it may be lawfully used or disclosed. As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online.

We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

This Credit Reporting Privacy Policy describes our practices in connection with information we collect and hold about individuals when providing commercial credit, in particular:

• information we collect and hold about individuals who are directors of a company, when providing commercial credit to that company;
• information we collect and hold about individuals who provide a personal guarantee to us in relation to commercial credit we provide to a company; and
• information we collect and hold about individuals who are obtaining that credit for their own business purposes as sole traders or partners in a partnership.

“Credit-related personal information” means one or more of “credit information”, “credit eligibility information”, “credit reporting information” or “regulated information”, as those terms are defined in the Australian Privacy Act 1988.

When you apply for or obtain or guarantee credit from us, the credit-related personal information that we collect from you includes information that identifies you, such as your name, postal address, email address and date of birth and your driver’s license number.

We may exchange credit-related personal information about you with credit reporting bodies (CRBs) for the purposes of assessing commercial credit applications from you or companies of which you are a director, and also to assess whether to accept a guarantee from you.

We may use the information we collect from and about you for account management and administrative purposes directly related to the provision or management of the commercial credit we provide to you or to companies of which you are a director.

We may also report defaults in payment terms or guarantee commitments in relation to commercial credit to CRBs. We may also disclose your credit-related personal information to any guarantor of your obligations to us.

We may also use the information we collect from and about you to:

• collect overdue payments;  
• assign debts; and
• create assessments and ratings of your creditworthiness.

We may disclose your credit-related personal information to our related bodies corporate and third-party suppliers and service providers located outside Australia, for the purposes set out in this Credit Reporting Privacy Policy.

We may update this policy at any time by posting the revised version on our website. We recommend that you review our website regularly to stay current with any policy changes.

‍

Updated April 2026