Privacy Policy

1. About This Privacy Policy

1.1 Who We Are

BatteryIQ (Middlez Pty Ltd) ("BatteryIQ," "we," "us," or "our") is an Australian company that helps homeowners make informed decisions about home battery systems. Unlike traditional lead generation websites that sell your contact details to multiple installers, we operate on a revenue-share model where we earn a commission only when you successfully complete a battery installation with one of our certified installers.

Our Commitment: We are committed to protecting your privacy and handling your personal information responsibly in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1.2 Scope of This Policy

This Privacy Policy explains:

• What personal information we collect about you
• How and why we collect it
• How we use and protect your information
• When and with whom we share your information
• Your rights regarding your personal information
• How you can contact us about privacy matters

This Privacy Policy applies to all information collected through:

• Our website at batteryiq.com.au
• Calculator tools and quote request forms
• Email, phone, and other communications with us
• Future mobile applications (if developed)

1.3 Australian Privacy Principles Compliance

As an APP entity under the Privacy Act 1988, we comply with all 13 Australian Privacy Principles. These principles govern how we collect, use, store, and disclose your personal information.

2. Information We Collect

We collect different types of information depending on how you interact with our service. We only collect information that is reasonably necessary to provide our services.

2.1 Information You Provide Directly

Calculator Information:

When you use our battery calculator, you provide:

• Postcode - to determine your state and applicable rebates
• Solar system capacity - to calculate potential savings (e.g., "5kW", "10kW")
• Daily electricity usage - to estimate battery sizing (e.g., "25 kWh/day")
• Electric vehicle status - whether you own or plan to purchase an EV
• Home ownership status - whether you own your home (affects financing options)

Household Income (Optional):

• Annual household income - used ONLY to assess eligibility for federal and state rebates
• This is OPTIONAL - you can decline to provide this and still receive a quote
• We treat income data as sensitive information requiring explicit consent
• Income data is encrypted and never shared with installers

Quote Request Information:

When you request a formal quote from an installer:

• Full name
• Email address
• Phone number
• Property address (street address of installation site)
• Preferred contact method and times

Bill Upload (Optional):

If you choose to upload your electricity bill for more accurate analysis:

• Electricity bill images or PDFs - analyzed to extract:
  • Usage patterns
  • Tariff structure
  • Time-of-use consumption
  • Current retailer and plan
• Note: Account numbers are automatically redacted during processing
• Note: Bill uploads are optional - not required for a quote

2.2 Information We Collect Automatically

Technical Information:

When you visit our website, we automatically collect:

• Browser type and version - to ensure website compatibility
• Device information - device type, operating system
• Referring website - how you found us
• Pages visited - which pages you view on our site
• Time and date of visit
• Calculator interactions - which fields you complete, steps taken

IP Address and Location Detection (Grid Status Page Only):

• IP address - collected on our Grid Status page to determine your approximate Australian state
• Service Provider: We use ipapi.co (a third-party geolocation service) to convert your IP address to an approximate location
• Purpose: To show you relevant grid data for your state (e.g., Victoria vs NSW electricity pricing)
• Data Shared with ipapi.co: Your IP address only
• Homepage: We do NOT use IP geolocation on our homepage - you can browse our main pages without triggering any location detection

Purpose: This information helps us improve our website, diagnose technical issues, understand how users interact with our calculator, and provide state-specific grid data where requested.

2.3 Information We Receive from Third Parties

Installer Feedback:

When you complete an installation, we may receive:

• Installation completion date
• System specifications installed
• Customer satisfaction feedback (if you provide it to installer)

Purpose: This helps us maintain quality standards and improve our installer certification program.

Public Information:

We may supplement your information with publicly available data such as:

• Property information (e.g., from state land titles offices)
• Solar radiation data for your area (from Bureau of Meteorology)

Purpose: To provide more accurate battery sizing and savings estimates.

2.4 Sensitive Information

Under the Privacy Act 1988, "sensitive information" includes health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal records, and certain biometric information.

BatteryIQ's Handling of Sensitive Information:

• We collect household income, which we treat as sensitive financial information
• Income is collected ONLY with your explicit consent
• Income is used ONLY to assess federal and state rebate eligibility
• Income data is encrypted, stored separately, and never shared with installers
• You can decline to provide income and still receive all other services

We do NOT collect any other types of sensitive information as defined by the Privacy Act.

3. How We Collect Information

3.1 Direct Collection

Most information is collected directly from you:

• When you use our calculator tool on batteryiq.com.au
• When you upload an electricity bill (optional)
• When you request a quote by filling out our contact form
• When you email, call, or otherwise communicate with us
• When you provide feedback about our service

3.2 Automatic Collection

Some information is collected automatically:

• Through cookies and similar technologies (see Section 10)
• Through website analytics to understand user behavior
• Through server logs that record website access

3.3 Collection from Third Parties

We may receive information from:

• Installers who complete installations (completion status, system details)
• Public databases (property information, solar data)

We do NOT purchase contact lists or personal information from data brokers.

3.4 Notification of Collection

Before or at the time of collecting your personal information, we will inform you:

• Who we are and how to contact us
• What information we are collecting
• Why we are collecting it
• Who we may disclose it to
• Whether collection is required by law or is optional
• The consequences (if any) of not providing the information
• How you can access and correct your information
• How you can complain about privacy breaches

This notification may be provided through this Privacy Policy, through notices on our website, or through specific collection forms.

4. How We Use Your Information

We use your personal information only for the purposes for which it was collected, or for related purposes that you would reasonably expect.

4.1 Primary Uses

To Provide Our Services:

• Calculate battery system recommendations based on your usage and solar capacity
• Assess your eligibility for federal and state rebates
• Generate personalized savings estimates
• Connect you with certified installers in your area
• Facilitate communication between you and installers
• Process bill uploads through AI analysis to extract usage patterns

To Improve Our Services:

• Analyze aggregate calculator usage to improve accuracy
• Identify common user questions to enhance our content
• Test new features and functionality
• Conduct research on battery adoption trends (anonymized data)

To Communicate with You:

• Respond to your inquiries and quote requests
• Send transactional emails (quote confirmations, installer introductions)
• Provide customer support
• Send important service updates or policy changes

4.2 Secondary Uses (With Your Consent)

Marketing Communications (Opt-In Only):

• Industry news and battery technology updates
• New rebate programs or incentives
• Tips for maximizing battery performance
• Special offers from our certified installers

Note: You must explicitly opt-in to receive marketing communications. You can unsubscribe at any time.

4.3 Legal and Compliance Uses

Required by Law:

• Comply with legal obligations (tax reporting, regulatory compliance)
• Respond to lawful requests from government authorities
• Enforce our Terms and Conditions
• Protect our rights, property, or safety, or that of our users or the public

4.4 Data Analytics and Research

Aggregated and De-identified Data:

We may use aggregated, anonymized data for:

• Research on renewable energy adoption trends
• Reporting on our environmental impact (e.g., "Our users have installed X MW of battery capacity")
• Industry reports and white papers

Note: This data cannot be used to identify any individual.

4.5 What We DON'T Do with Your Information

We NEVER:

• Sell your personal information to third parties or data brokers
• Share your information with competing installers for lead generation
• Use your income data for any purpose other than rebate eligibility assessment
• Share your bill images with anyone other than our AI processing service
• Use your information for purposes you have not consented to

5. How We Share Your Information

We do not sell or rent your personal information to third parties. We only share your information in the limited circumstances described below.

5.1 Certified Installers

When You Request a Quote:

When you explicitly request a quote, we share the following information with ONE certified installer in your area:

• Your name, email address, and phone number
• Your property address (installation site)
• Your solar system capacity and electricity usage
• Your EV ownership status
• Your preferred contact method

We DO NOT Share:

• Your household income
• Your raw electricity bills or bill images
• Your payment information
• Any other personal information not listed above

Purpose: To enable the installer to prepare an accurate quote and contact you about installation.

Your Control: You authorize this sharing when you submit a quote request. The installer is bound by contractual obligations to use your information only for providing the quote and installation services.

5.2 Service Providers

We share personal information with trusted third-party service providers who help us operate our business. These providers are contractually obligated to use your information only as instructed by us and to protect your information.

AI Processing Service (Anthropic):

• Information Shared: Electricity bill images (optional upload only)
• Purpose: To extract usage patterns, tariff information, and consumption data
• Location: United States
• Safeguards: Anthropic is bound by our Data Processing Addendum and maintains SOC 2 compliance
• Data Retention: Bills are not stored by Anthropic; processed and immediately deleted

IP Geolocation Service (ipapi.co):

• Information Shared: Your IP address (on Grid Status page only)
• Purpose: To determine your approximate Australian state for relevant grid data
• Location: International (ipapi.co is a global service)
• Privacy Policy: ipapi.co/privacy
• Data Retention: ipapi.co does not store personal data; see their privacy policy for details

Website Hosting (Vercel/AWS):

• Information Shared: All website data necessary for hosting
• Purpose: To deliver our website and ensure uptime
• Location: Primarily United States
• Safeguards: Industry-standard security practices, encryption, and access controls

Payment Processor (Future):

• Information Shared: Name, email, payment information (when applicable)
• Purpose: To process payments for future premium features (if implemented)
• Safeguards: PCI-DSS compliant payment processor

Email Service Provider (Future):

• Information Shared: Email address, name (for opted-in communications)
• Purpose: To send transactional and marketing emails
• Safeguards: Unsubscribe mechanisms, data encryption

5.3 Legal and Compliance Disclosures

We may disclose your personal information if required or authorized by law:

• Government Authorities: In response to lawful requests (subpoenas, court orders)
• Law Enforcement: To assist in investigations or prevent illegal activity
• Regulatory Bodies: To comply with energy sector regulations
• Legal Proceedings: To establish, exercise, or defend legal rights

5.4 Business Transfers

In the event of a merger, acquisition, sale of assets, or bankruptcy:

• We may transfer your personal information to the acquiring entity
• We will notify you before your information becomes subject to a different privacy policy
• You will have the option to delete your account before the transfer

5.5 With Your Consent

We may share your information for other purposes with your explicit consent.

6. International Data Transfers

Some of our service providers are located outside Australia, which means your personal information may be transferred to, stored, and processed in other countries.

6.1 Countries Where Data May Be Transferred

Your personal information may be transferred to:

• United States: Anthropic (AI processing), Vercel (hosting), future payment processors
• Other countries: Where our service providers maintain data centers or operations

6.2 Safeguards for International Transfers

When we transfer your personal information overseas, we take reasonable steps to ensure the recipient does not breach the Australian Privacy Principles. This may include:

Service Provider Agreements:

• Data Processing Addendums (DPAs) requiring APP-equivalent protections
• Contractual obligations to implement appropriate security measures
• Standard Contractual Clauses (SCCs) where applicable

Security Certifications:

• SOC 2 Type II compliance
• ISO 27001 information security standards
• Industry-specific certifications (e.g., PCI-DSS for payment processors)

Encryption:

• Data encrypted in transit (TLS/SSL)
• Data encrypted at rest
• End-to-end encryption for sensitive information

6.3 Your Rights Regarding International Transfers

By using our service, you consent to the international transfer of your personal information to the countries and service providers listed above. You can withdraw this consent by requesting deletion of your data (see Section 7).

If you have concerns about international data transfers, please contact us at privacy@batteryiq.com.au.

7. Your Rights and Choices

Under the Privacy Act 1988 and the Australian Privacy Principles, you have important rights regarding your personal information.

7.1 Right to Access Your Information (APP 12)

You have the right to:

• Request access to the personal information we hold about you
• Receive a copy of your personal information in a commonly used format

How to Exercise This Right:

1. Email your request to privacy@batteryiq.com.au
2. Provide sufficient details to verify your identity
3. Specify what information you wish to access

Our Response:

• We will respond within 30 days
• Access is provided free of charge
• We may ask for verification to protect your privacy

Exceptions:

We may deny access if providing it would:

• Unreasonably impact another person's privacy
• Pose a serious threat to someone's life, health, or safety
• Reveal our proprietary business information
• Be unlawful

If we deny access, we will explain why and inform you of complaint mechanisms.

7.2 Right to Correct Your Information (APP 13)

You have the right to:

• Request correction of inaccurate, outdated, or incomplete information
• Have us update your information to ensure it is accurate

How to Exercise This Right:

1. Email your request to privacy@batteryiq.com.au
2. Specify what information needs correction
3. Provide the correct information

Our Response:

• We will review and respond within 30 days
• Corrections are made free of charge
• If we disagree with your correction request, we will:
  • Explain our reasons
  • Allow you to attach a statement noting your disagreement
  • Notify any third parties to whom we disclosed the information

7.3 Right to Delete Your Information

You have the right to:

• Request deletion of your personal information (subject to exceptions)
• Close your account and have all associated data removed

How to Exercise This Right:

1. Email your request to privacy@batteryiq.com.au
2. Confirm you wish to permanently delete your information

Our Response:

• We will delete your information within 30 days
• Some information may be retained if required by law (e.g., tax records)
• We will confirm deletion once complete

Limitations:

We may retain information if:

• Required by law (e.g., 7-year tax record retention)
• Necessary to complete a transaction you requested
• Necessary to detect and prevent fraud
• Part of an ongoing dispute or legal matter

7.4 Right to Opt-Out of Marketing

You have the right to:

• Unsubscribe from marketing emails at any time
• Opt-out of marketing communications while keeping your account

How to Exercise This Right:

• Click "Unsubscribe" at the bottom of any marketing email
• Email privacy@batteryiq.com.au with your opt-out request
• Update your communication preferences (when account features are available)

Our Response:

• We will process your opt-out within 7 days
• You will still receive transactional emails (quotes, service updates)

7.5 Right to Lodge a Complaint

You have the right to:

• Complain about how we handle your personal information
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

See Section 15 for detailed complaint procedures.

7.6 Anonymity and Pseudonymity (APP 2)

You have the option to:

• Browse our website anonymously (we collect only technical data)
• Use our calculator without providing contact information (estimates only)

When identification is required:

• To request a formal quote from an installer (we need your contact details)
• To upload bills for analysis (optional, requires consent)
• To comply with legal requirements (e.g., verifying identity for financial transactions)

8. Data Security

We take the security of your personal information seriously and implement a range of technical and organizational measures to protect it.

8.1 Security Measures

Technical Safeguards:

• Encryption in transit: All data transmitted to/from our website is encrypted using TLS/SSL
• Encryption at rest: Sensitive data (including income information) is encrypted in our database
• Secure hosting: Our website is hosted on secure, professionally managed servers
• Access controls: Personal data is accessible only to authorized personnel with a legitimate need
• Authentication: Strong password requirements and multi-factor authentication for staff
• Regular security updates: We apply security patches promptly
• Automated backups: Regular encrypted backups to prevent data loss

Organizational Safeguards:

• Privacy training: All staff receive privacy and data security training
• Access logging: We log all access to personal information for audit purposes
• Data minimization: We collect only what's necessary and delete data when no longer needed
• Third-party audits: Regular security assessments by independent experts
• Incident response plan: Documented procedures for detecting and responding to data breaches

8.2 Data Breach Response

In the event of a data breach that is likely to result in serious harm to individuals:

• Assessment: We will assess the breach within 30 days
• Notification: We will notify affected individuals and the OAIC as soon as practicable
• Recommendations: We will provide guidance on steps you can take to protect yourself
• Remediation: We will take immediate action to contain and remediate the breach

What constitutes "serious harm":

• Financial loss or identity theft
• Physical or psychological harm
• Serious damage to reputation
• Loss of business or employment opportunities

For more information, see our Data Breach Response Plan (internal document).

8.3 Your Role in Security

You can help protect your information by:

• Using strong, unique passwords for any accounts you create with us
• Not sharing your login credentials with anyone
• Being cautious about phishing emails pretending to be from BatteryIQ
• Logging out after using shared or public computers
• Keeping your contact information up to date so we can reach you if needed

8.4 Limitations

Important: While we implement industry best practices, no online service is 100% secure. We cannot guarantee absolute security of data transmitted over the internet or stored electronically. By using our service, you acknowledge this inherent risk.

If you have reason to believe your information has been compromised, please contact us immediately at privacy@batteryiq.com.au.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

9.1 Retention Periods

Calculator Data (No Quote Requested):

• Retention: 90 days from last calculator use
• Purpose: To allow you to return and complete your quote request
• Deletion: Automatically deleted after 90 days of inactivity

Quote Request Data:

• Retention: 2 years from quote date (or until installation if earlier)
• Purpose: To facilitate installer matching and track installation outcomes
• Deletion: Automatically deleted after 2 years if no installation occurs

Completed Installation Data:

• Retention: 10 years from installation date
• Purpose: To support warranty claims, quality tracking, and environmental impact reporting
• Deletion: After 10 years, or upon your request (subject to legal retention requirements)

Bill Upload Data:

• Retention: Immediately deleted after processing
• Purpose: Only to extract usage patterns for quote accuracy
• Deletion: Raw bill images are never stored; processed data follows quote retention periods

Household Income Data:

• Retention: Deleted immediately after rebate eligibility assessment
• Purpose: Only to determine federal/state rebate eligibility
• Deletion: Purged from systems within 24 hours of collection

Marketing Communication Data (Opted-In):

• Retention: Until you unsubscribe or request deletion
• Purpose: To send newsletters and updates
• Deletion: Immediately upon unsubscribe request

Transaction Records (Future):

• Retention: 7 years from transaction date
• Purpose: Tax compliance, accounting requirements
• Deletion: After 7 years (legal requirement)

9.2 Legal Retention Requirements

Some information must be retained by law:

• Tax and financial records: 7 years (Australian Tax Office requirement)
• Dispute records: Until resolution + 6 years (statute of limitations)
• Records subject to litigation hold: Until matter is resolved

9.3 Anonymization

Where possible, we anonymize data:

• After initial retention period, data may be de-identified for research
• Anonymized data cannot be linked back to you
• Anonymized data is not considered "personal information" under the Privacy Act

9.4 Requesting Early Deletion

You can request deletion of your information at any time (see Section 7.3), subject to legal retention requirements. We will accommodate your request to the fullest extent possible under law.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience on our website.

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They allow our website to remember your preferences and recognize you on return visits.

10.2 Types of Cookies We Use

Essential Cookies (Required):

• Purpose: Enable core website functionality (calculator, form submission)
• Duration: Session cookies (deleted when you close your browser)
• Data Collected: Session ID, form progress
• Opt-Out: Cannot be disabled without breaking website functionality

Analytics Cookies (Optional):

• Purpose: Understand how users interact with our website to improve design
• Duration: Up to 2 years
• Data Collected: Pages visited, time on site, browser type, referral source
• Opt-Out: Controllable through cookie consent banner

Marketing Cookies (Optional - Future):

• Purpose: Deliver relevant advertisements and measure campaign effectiveness
• Duration: Up to 1 year
• Data Collected: Ad interaction, conversion tracking
• Opt-Out: Controllable through cookie consent banner

10.3 Third-Party Cookies

We may use third-party services that set cookies:

• Google Analytics (if implemented) - website traffic analysis
• Google Ads (if implemented) - advertising effectiveness

These third parties have their own privacy policies governing how they use information collected through cookies.

10.4 Managing Your Cookie Preferences

You can control cookies by:

1. Cookie Consent Banner: Accept or reject optional cookies when you first visit our site
2. Browser Settings: Configure your browser to block cookies entirely or alert you when cookies are set
3. Opt-Out Tools: Use industry opt-out tools like YourOnlineChoices.com.au

Note: Disabling essential cookies will prevent the calculator and quote request forms from functioning properly.

10.5 Do Not Track Signals

Some browsers offer "Do Not Track" (DNT) signals. Our website does not currently respond to DNT signals, but we respect your cookie preferences set through our cookie consent banner.

11. Third-Party Links

Our website may contain links to third-party websites, including:

• Installer company websites
• Government rebate program websites (e.g., cleanhomeenergysavings.gov.au)
• Industry resources and educational content
• Social media platforms

Important: We are not responsible for the privacy practices of these third-party websites. We encourage you to read the privacy policies of any website you visit through links on our site.

Third-Party Content:

• Third-party links are provided for convenience and information
• We do not endorse or control third-party websites
• Your interactions with third-party sites are governed by their privacy policies

12. Children's Privacy

BatteryIQ's services are intended for adults (18 years and older) who own or are purchasing property.

We do not:

• Knowingly collect personal information from children under 18
• Target our services to children
• Offer services specifically designed for children

If we discover we have collected information from a child under 18:

• We will delete that information as soon as possible
• We will not use or disclose the information

Parents/Guardians: If you believe your child has provided personal information to us, please contact us at privacy@batteryiq.com.au so we can delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

13.1 How We Notify You of Changes

Material Changes:

If we make material changes that significantly affect how we use your personal information, we will:

• Post a prominent notice on our website
• Send an email notification (if you have provided your email address)
• Provide at least 30 days' notice before the changes take effect
• Request renewed consent where required by law

Non-Material Changes:

• We will update this Privacy Policy and change the "Last Updated" date
• Changes take effect immediately upon posting
• We encourage you to review this policy periodically

13.2 Archived Versions

Previous versions of this Privacy Policy are available at: [URL to be created]

13.3 Your Options

If you disagree with updated terms:

• You can stop using our services
• You can request deletion of your account and personal information
• You can contact us with questions or concerns

Continued use of our services after policy changes constitutes acceptance of the updated policy.

14. Contact Us

14.1 Privacy Inquiries

14.2 General Inquiries

For general questions about our services:

• Email: hello@batteryiq.com.au
• Website: https://www.batteryiq.com.au

14.3 Our Commitment to Responding

We aim to respond to all privacy inquiries within 30 days. If we need more time, we will notify you and provide an estimated response date.

15. Complaints and Disputes

We take privacy complaints seriously and have established procedures to address them fairly and promptly.

15.1 Making a Complaint to BatteryIQ

If you believe we have breached your privacy:

15.2 If You're Not Satisfied with Our Response

You can escalate to the OAIC:

The OAIC can:

• Investigate privacy complaints
• Attempt conciliation between parties
• Make determinations on complaints
• Seek civil penalties in Federal Court for serious breaches

Note: The OAIC generally requires you to first complain to us before accepting a complaint, unless there are exceptional circumstances.

15.3 Your Rights During Complaint Process

You have the right to:

• Be treated fairly and respectfully
• Have your complaint taken seriously
• Receive a response within a reasonable timeframe
• Seek external review if unsatisfied with our response
• Not be penalized for making a complaint

15.4 Our Commitment

We are committed to:

• Responding to all complaints professionally and promptly
• Investigating thoroughly and impartially
• Taking corrective action where breaches have occurred
• Learning from complaints to improve our privacy practices
• Maintaining confidentiality throughout the process