Website privacy and security policy
In accordance with the New Zealand Privacy Act 2020, Mercury maintains high standards for the protection of data to ensure that customer information remains private and is only used for the purpose it was collected.
As required by the Privacy Act 2020, Mercury follows strict security procedures in the storage and disclosure of your personal information. Our security procedures mean that we may occasionally request proof of identity before we are able to disclose sensitive information to you.
This policy is regularly reviewed and if necessary updated to meet requirements for internet privacy. You can always find the most recent version of the policy right here.
Collection of data and information from website and app visits
Personal information about you (e.g. your name, contact details, electricity usage data) may be collected by Mercury (and/or its subsidiaries) during the course of your use of our website or app, or when you speak to someone in our contact centre.
Rest assured, we’ll only gather your data when you supply this to us voluntarily (e.g. when website visitors send emails, respond to customer surveys or use the 'My Account' service on the website). We then use this information to ensure we fulfil your request/s.
Mercury also gathers generic information about visits to our website (page views, time on site, how you got to the site etc.) to understand how we can make your experience on our website better.
Purpose of collection
Mercury will use your personal information for the following purposes:
- Supplying you with electricity and associated services, including billing, meter reading, app experiences.
- Communicating offers and promotions to you via email and text when we have your permission to do so
- Inviting you to participate in surveys
- Responding to requests for information;
- Providing you with information about goods and services that ‘we’ your Network Company (where applicable), and/or (unless you instruct us otherwise) other persons may from time to time wish to offer you.
Access to and correction of personal information
You may at any time request access to, or (if necessary) correction of, any personal information about you held by Mercury.
Customer data transmitted across the public internet
Mercury will always ensure that your privacy is protected when logging onto our website, app, or when using the 'My Account' service.
256-bit SSL (Secure Sockets Layer) Encryption is used for all traffic interactions with the
‘My Account’ service. Browsers unable to support SSL will not allow a customer to logon to the website 'My Account' service.
When you send us an email it is not encrypted and is therefore not secure.
Website and app security
The Mercury website has layers of security to protect it against malicious, possible breaches of the system (‘cracking’) and unauthorised access to customer data.
Communications you have with Mercury (including but not limited to this website) may be subject to monitoring by us or authorised third parties for security purposes.
Your data or logon information (user name and password) is not permanently stored on the website
Mercury’s website uses both non-persistent and persistent cookies to manage a customer's visit to the site. Non-persistent cookies are temporary and are deleted when a browser session is closed and persistent cookies are used in order that third party vendors, such as Google, can serve ads based on a user's prior visits to the Mercury website.
Other than as noted above, information about a visit to Mercury’s website is not permanently stored on a visitor or customer's personal computer.
While Mercury recommends that you enable cookies in order to enjoy all the features of Mercury’s website, this is entirely up to you. (The management of cookies will be different depending on each user's PC - refer to your browser help menu for further information).
Use of data and information collected from website and app visits
Mercury will not sell or reveal information obtained about its visitors to anyone outside of Mercury unless:
- It is specifically authorised by the visitor.
- It is legally required to do so.
- Such disclosure is required to protect the safety of employees, visitors, customers, or property.
Use of email or mobile number for customer communications
During your interactions with us via the website or contact centre, you can supply an email address which we will use to contact you about our service. Mercury does not sell or rent email addresses to third-party organisations.
By default, a customer is:
- opted-in to regular monthly and/or weekly account updates.
- opted-in to Mercury service announcements.
- opted-in to receive survey invitations to help us improve our service to you.
If you’d rather not receive these types of communications, you can advise us by calling 0800 10 18 10.