Consumers and end-users (S4)

At Alliander, we believe energy is a basic need. We stand for an energy supply that is affordable, reliable and accessible to everyone on equal terms. It follows that Alliander’s customers are among our most important stakeholders. Within that group, we distinguish between business customers and consumers, specifically in terms of our network management activities in our area of operation. The following subtopics and sub-subtopics are material for our customers: 

  • Privacy

  • Personal safety of consumers and/or end users

  • Access to products and services

Customers are regarded as stakeholders in stakeholder management. In 2024, there were no reports of human rights abuses concerning consumers and end users. At present, we do not have a (fully developed) human rights policy. Work is being done in the organisation involving human rights in relation to consumers and end users. We expect our business partners to view their own customers as important stakeholders and serve customers accordingly, for instance by establishing a complaints process.

Privacy

Alliander has a firm grip on the swift and controlled achievement of its social mission. Meeting our objectives inevitably involves processing personal data. At the same time, Alliander greatly values the trust of its customers, employees and society, even as it looks towards the current rapid growth of the organisation. The Management Board therefore seeks to maintain adequate personal data protection and respect the privacy of all customers, employees and other data subjects.

Impacts, risks and opportunities

  • Negative impact – A data confidentiality breach in relation to the management of our electricity and gas networks could lead to the misuse of customers’ personal data.

Policy and approach

Privacy policy

We have a privacy policy in order to address potential negative effects. Alliander’s Privacy Policy sets out the processes for the organisation, implementation, operation, management, monitoring and continuous improvement of privacy within Alliander and its subsidiaries. Alliander’s Privacy Policy is approved by the Management Board, evaluated annually to make sure it is up to date, fair and complete, and modified where required. The policy concerns all Alliander customers and employees. Stakeholders expect us to use their data and personal details safely and carefully. Data exchange has become a permanent social and economic phenomenon. Exchanging and storing privacy-sensitive data requires maximum security at all times.

The Alliander Privacy Office uses a risk register which prescribes appropriate measures. The register contains relevant measures from the privacy-by-design instruments and ISO 27701, which are linked to privacy maturity levels. The maturity levels enable Alliander to set a target level per topic and data domain/organisational unit and to assess the status of personal data protection within the organisation.

Besides the existing GDPR privacy controls in the various organisational units, a Privacy Control Framework (PCF) will become available in the first quarter of 2025 in the form of a reporting tool including dashboards. The PCF contains instruments that translate the GDPR into a data protection quality cycle for Alliander processes as indicated in the 1Alliander Process Model. The framework thus offers specific tools to guarantee the secure handling of personal data within the organisation.

The privacy statement is available online on Alliander’s website. It includes detailed information on data processing and the procedure for making complaints. Alliander also has a whistleblower policy.

To prevent misuse of personal data, data protection impact assessments are performed by the Privacy Officers. When misuse does occur, it is usually due to a data leak. Measures are then taken to seal the leak, inform the affected persons and where necessary notify the Dutch Personal Data Protection Authority.

Objectives and results in 2024

Alliander respects the privacy of its employees and customers. This means that we exercise due care in using their personal data and treat it confidentially. We meet the requirements set out in the law implementing the General Data Protection Regulation (GDPR). Customers and employees can be confident that Alliander handles personal data with care and acts immediately if the integrity of that data is threatened.

We measure our privacy and data protection performance (privacy maturity) by the number of identified leaks reported to the Data Protection Authority and affected customers. In 2024, there were no data breaches involving customers that required reporting to the Dutch Data Protection Authority and the customers concerned. At present, no significant objectives and actions have been formulated in connection with ESRS; however, other measures are discussed in this chapter.   

Personal safety of consumers and/or end users

For Alliander, the ‘personal safety of consumers and/or end users’ subtopic translates into safe infrastructure. Work on gas and electricity infrastructure involves risks. Safe working practices without incidents are vital for all stakeholders and are our highest priority. The possibility that incidents could occur in the energy network demands a targeted approach. To achieve this, we ensure that we understand the risks and take action to mitigate them.

Safe infrastructure is vital for all those involved. Employees expect a working environment where they can concentrate and work safely. Customers expect us to guarantee their safety during the performance of our work. Safety incidents can also involve members of the public, visitors or passers-by at locations where we are working. Occasionally, discharges of gas or electricity may occur that endanger or cause damage to the surrounding area. Accidents affecting individual lives caused by our networks always have a very severe impact. However, such accidents are rare.

Impacts, risks and opportunities

  • Potential negative impact – Unsafe conditions in the infrastructure (our electricity and gas networks) could cause death or injury to customers or members of the public.

  • Risk – Safety incidents involving the management of our electricity and gas networks lead to reputational damage, compensation and fines.

Policy and approach

Electricity Network Code

The Electricity Network Code (Netcode Elektriciteit) contains requirements for network operators and users in three areas:

  • operation of the networks

  • connecting customers to the networks

  • transmitting electricity through the networks

The equivalent requirements for gas are set out in the Dutch Gas Act. We want to maintain the optimal reliability and safety of the network by performing maintenance in a targeted way. We call this value-focused maintenance. Maintenance is focused on ensuring the ongoing safety and reliability of the networks.

For a description of the policy, please refer to the Own Workforce topic (S1), sub-subtopic Health and Safety, under the paragraphs on safety controls, broad safety expertise and safe behaviour. 

Incident Review Group

Alliander has an active Incident Review Group, at which incidents, accidents and near-misses are discussed with the aim of learning from them and improving the safety and quality of our facilities. We work constantly on improving a safe infrastructure, both for our own people and for our partners and customers.

In major outages and emergencies, an internal crisis organisation is mobilised. Within this organisation, staff members of various departments work on-call shifts. Depending on the nature and scale of the incident, we set up a case and/or investigation team when the crisis is over to assist with and finalise any internal and/or external investigations. All major incidents are evaluated to identify and implement possible improvements.

Objectives and results in 2024

At Alliander, our safety objective is ‘Everyone safely home! With zero avoidable accidents.’ There were no accidents involving members of the public in 2024.

In addition, Alliander promotes a proactive culture where safety comes first. The goal is a permanent behavioural change that we can consistently demonstrate through a level 4 score on the Safety Culture Ladder. An in-house system has been set up to monitor this score continuously, comprising internal self-assessments, behavioural audits and topic analyses.

Mandatory training

Last year we improved safety levels by making sure that all employees followed the mandatory training on time, including instructions for first-time visitors, VCA and life-saving actions. In addition, tool testing and calibrations have been centralised to ensure that technicians have access to the right tools in a timely manner and without having to interrupt their work.

49% of Alliander employees and 31% of temporary staff work for a business unit with an ISO 45001 certificate. These are the O&S, GVRN, KV and Qirion operational business units. 

Access to products and services

The vast majority of Alliander’s products and services concern access to energy. Energy is a basic need for our everyday lives. Being able to offer connection to the energy network and acting with social empathy to prevent disconnection are therefore high priorities. Amidst the ongoing transformation of the energy system, it is vital to ensure that everyone retains access to affordable energy on equal terms. Our products also have a digital component. Customers count on excellent service, communication and handling of interruptions, questions and complaints. When they contact Liander, they want to feel they are being listened to and helped, know where they stand, and feel at ease.

We have defined Access to Energy and Cybersecurity as the key issues under this subtopic.

Impacts, risks and opportunities

Access to energy

  • Positive impact – Customers get access to electricity and gas, which increases their well-being.

  • Risk – Disruptions to electricity and gas supplies lead to compensation payments.

  • Risk – Increasing pressure on limited network capacity, resulting in increased maintenance times, may lead to compensation claims.

  • Opportunity – Innovative solutions create better access to electricity and gas, and improve network management, leading to higher revenue.

Cybersecurity

  • Risk – Cyber attacks threaten electricity operations, leading to compensation payments and costs in relation to the hack. 

We are successively drawing up a policy and approach, measures and objectives for both issues.

Access to energy

Policy and approach

Energy laws and codes

The way in which managers and users of electricity and gas should behave is largely laid down in the Dutch Gas Act and the Dutch Electricity Act. Regulations are laid down in the energy codes, which are issued by the ACM and contain agreements between the users and managers of the gas and electricity network. They are available on ACM’s website. Important changes to the regulations are made public through the Netherlands Government Gazette and other channels. These regulations can be found in the Gas Act and Electricity Act under ‘Tariff structures and conditions’. The acts also include rules for the payment of compensation for outages. The ACM checks compliance with the codes.

The Electricity Network Code and the Gas Task Code contain provisions on the operation of the networks, connecting customers and the transmission of electricity. Alliander as network operator has a duty of connection and a duty of non-discrimination. All consumers and business customers are connected and given equal treatment. This means that we do not further subdivide customers into different types.

Security of supply

Security of supply is covered in Article 11 of the Electricity Network Code, and Article 2 of the Gas Task Code. Security of supply means that the supply of electricity and gas to small consumers must be continuous. Specific obligations are imposed on energy suppliers, the parties responsible for network balancing and for metering, and regional network operators. These responsibilities are laid down by MFFBAS (the Market Facilitation Forum and Manager Agreement System for the Energy Market) in a standardised process model called the Detailed Process Model for Security of Electricity and Gas Supply. MFFBAS shares these agreements with participants and other stakeholders on its website. In addition to MFFBAS, Energy Data Services Nederland plays an important role in facilitating these processes. Among their tasks is managing the Central Connections Register, which makes it possible for customers to switch between energy suppliers. Regional network operators ensure that switches between energy suppliers run as smoothly as possible and that small consumers always have access to gas and electricity.

Disconnection policy

The disconnection policy is set out in the Ministerial disconnection policy for small consumers of electricity and gas regulation (Disconnection Policy Regulation). The regulation specifies that network operators must terminate the supply of electricity or gas in cases where:

  • the customer requests it;

  • there is a case of fraud or the conditions are unsafe;

  • there is no known supplier (active energy contract) for the connection.

The Disconnection Policy Regulation and the Electricity and Gas Information Code set out the responsibilities in the event that a contract is terminated by a supplier (termination of supply). Disconnections are carried out by the network operator on the basis of a supply termination notice, by physically disconnecting the meter at the customer’s premises. This is done in accordance with the standardised Termination of Supply market process prescribed under Retail Processes in the MFFBAS Market and Subprocesses.

The operation of the Disconnection Policy Regulation is discussed in the Flanking Policy working group at Netbeheer Nederland, whose participants also include the Ministries of Climate and Green Growth, Social Affairs and Employment Opportunities, and the industry association Energie Nederland. These parties are also consulted when the Disconnection Policy Regulation needs to be amended. The network operators prepare their input for these consultations jointly within the Disconnection Policy working group.

The number of supply terminations and disconnections is provided monthly by the various parties to Netbeheer Nederland, which then shares the aggregated data with the Ministries of Climate and Green Growth, and Social Affairs and Employment Opportunities.

Energy poverty

The government’s introduction of the Disconnection Policy Regulation in April 2023 is intended to give consumers who struggle to pay their energy bills better protection against being cut off. A joint pilot project with the City of Amsterdam has shown that 52% of disconnections can be prevented by entering into a new contract and accepting help with paying for energy where required. Customers eligible for solutions to payment difficulties, which are often the cause of disconnection, are often unable to obtain them in good time. Customers for whom Liander receives a supply termination notice are referred again to debt counselling. The network operators are striving to ensure that they stop receiving supply termination notices for households that include vulnerable consumers and/or are in energy poverty.

Responsibilities

Within Alliander, ultimate responsibility for the access-to-energy policy lies with the director of the Market Services department. The department also ensures that this policy is agreed with government and authorities, such as the Ministry of Climate and Green Growth, the Netherlands Authority for Consumers & Markets, and with partners in the industry such as the NVVK (the industry association for debt relief and financial services), MFFBAS, energy suppliers and other regional network operators.

Congestion management

Network congestion prevents or delays customer connections, which delays the energy transition and can negatively impact their well-being. To tackle network congestion, Alliander focuses on customers with a connection, including customers on the waiting list. Alliander adopts a targeted approach to understanding how much flexibility connected customers have, and we can work in a targeted way to reach agreements with customers, which can alleviate network congestion. The consequence of network congestion may be that we are, temporarily, unable to fulfil our mission, or unable to do so in a timely manner.

Measures

  • If an outage occurs, customers want to be informed as soon as possible about its nature, extent and probable duration. We provide this information to customers by text message.

  • Our service provision is evaluated by independent supervisory bodies such as the ACM.

  • In April 2024, clear guidelines on energy poverty were issued by the EU. These require certain changes to be made to our policy and market model. Liander carried out joint pilot projects with the local authorities in Amsterdam (2023) and Arnhem (2024) on supply terminations caused by payment difficulties. Following on from these projects, Netbeheer Nederland worked on an overall vision for this issue and alternative models for supply termination were explored. The next steps for 2024 and 2025 are optimisation of the Disconnection Policy Regulation (Ministry of Climate and Green Growth) and the development of an early warning system for energy poverty (Ministry of Social Affairs and Employment Opportunities).

  • Following the optimisation of the Disconnection Policy Regulation and the early warning system, we will map out and optimise the process along the whole chain. Once the optimisation is complete, vulnerable consumers should no longer have to face disconnection. This is expected to take a number of years, given that two chains of different ministries are involved.

  • During extreme winter weather, we take appropriate action to ensure that everyone has access to electricity and heat (security of supply). In this context, we go further than the law requires.

  • Liander looks for flexibility at connected customers that can be used to manage congestion. Proposals are also being made for the introduction of alternative transmission rights to complement the existing ‘firm’ transmission rights and enable customers themselves to optimise electricity consumption and generation locally, downstream from their connection to Liander. The National Network Congestion Action Programme has been set up to work with network operators, ministries, the supervisory body and industry associations on the changes needed to the electricity system. In 2024, this was expanded to include a similar action programme for low voltage.

A congestion management control framework is in development and is now active, although the most important control instruments in the framework have not yet been implemented in the Alliander Management System.

Customer convenience

The key determining factor of customer satisfaction is their perception of convenience in their contacts with parties such as our technicians and our Customer Contact Centre. Immediately after completion of a job, we ask customers for feedback on our services. To express the amount of convenience experienced by customers, we calculate a score – the Net Effort Score, or NES. This information gives us insight into the good results we achieve and the areas where improvements still need to be made. The measures we have taken are as follows:

  • Customers count on excellent service, communication and handling of interruptions, questions and complaints. Business customers expect a clear point of contact and expect us to deliver on our commitments. Focusing on customer satisfaction is a priority. Stakeholders can report complaints or misconduct relating to our company and work carried out on our behalf through Liander.nl and our telephone customer service.

  • The new Liander website went live at the end of January 2024. Initial results show that information has become easier to find, the website is more accessible and the performance of the website has improved.

  • Over the next few years, we will make a central customer profile available for employees, implement a customer awareness programme and ensure that customers receive information about the status of their requests, outages and (work being done on) the energy network, including information about what they themselves can do.

Objectives and results in 2024

Alliander’s long-term objective in terms of access to energy is to ensure that the switch to sustainable energy is achieved in a manageable way, so that the future energy system remains affordable, reliable and available to everyone on equal terms. Nobody should be excluded from participating in society by energy poverty. To make this measurable, we work with various KPIs.

Uninterrupted delivery

  • The KPI used to measure the average duration of electricity outages is outage consumption minutes, which records the average number of minutes of outage per connection. The target for 2024 was 23 minutes. The average electricity outage duration in 2024 was 24.6 minutes. 

  • To monitor security of gas supply, the KPI we use is the average outage per gas network connection (in seconds). The average outage duration per gas network connection in 2024 was 104 seconds. 

Congestion management

Congestion management targets are measured using two specific KPIs:

  • The number of transmission restrictions imposed by Liander (2024 target: 8,122). This represents the number of current transmission restrictions where the customer (within the technical limits) is unable to transmit the desired amount of power via their existing connection (type 4). In 2024, 6,862 transmission restrictions were imposed. 

  • The number of CBCs concluded. A CBC (from the Dutch for ‘capacity-limiting contract’) is an agreement whereby the customer consents to reduce their electricity consumption. There are several different types of CBCs. A CBC-T is a capacity-limiting contract in which fixed time windows are agreed with the counterparty for the full duration of the contract. The time windows may vary by customer and station, and by time of day, week/weekend or month. Under the CBC-A agreement with a business customer, Liander is entitled to ‘call’ a capacity limitation one day in advance. The customer receives compensation from Liander in exchange. In a mandatory bid contract, a congestion service provider (CSP) undertakes to make flexible capacity available when congestion occurs in an area where the provider is active.

In 2024, 104 capacity-limiting contracts were concluded (2024 target: 1,300). This is the number of capacity-limiting contracts that took effect during 2024. During the course of the year, the definition of the KPI was narrowed to encompass capacity-limiting contracts only, rather than all of the contracts originally envisaged. As a result, achievement of the KPI falls short of the original target.    

Customer convenience

We measure our progress based on perceived customer convenience. Customer convenience among ordinary consumers and business market consumers is measured using the Net Effort Score (NES) based on the Consumer Effort Score (CES) question: %convenience - %effort. This score is given by deducting the percentage of customers experiencing difficulty with the service from the percentage of customers finding it easy. The KPI is a calculation of the NES score, as an annual average, in relation to the various value chains for the ordinary consumer market on the one hand, and the business market on the other.

The aim is for customer convenience to increase in the coming years and to remain higher than the national benchmark of Dutch network operators. For customer convenience as measured by the NES score, that means a score of at least 48% for consumers and 42% for business customers. During 2024, the NES was 54.3% for consumers and 32.3% for business customers.  

Cybersecurity

Policy and approach

The Strategic Alliander Security Policy sets out how security is organised and managed. This policy was drawn up by the Management Board, based on ISO 27000. The Security Rules of Conduct form part of the policy. These set out how the Alliander N.V. organisation and its subsidiaries should contribute to Alliander’s security.

The Chief Information Security Officer (CISO) defines Alliander’s standards (controls) for each security domain under ISO 27002 (organisation, personnel, physical and technical). This Alliander-specific content is updated annually. The standards then form the basis for the specific measures. Organisational units must in principle abide by the standards, but may deviate from the set of measures in accordance with the ‘comply or explain’ principle. Deviations from the set of measures must be evaluated and approved by the CISO.

The processes for ensuring data security are drawn up under the auspices of the CISO. The overall system for ensuring data security is based on ISO 27000. Validations are currently ongoing within Alliander for the partial ISMSs under ISO 27001. This will apply in the future to the Alliander-wide Information Security Management System.

Measures

To make employees cybersecurity-aware, we have taken the following measures: 

  • There is a CISO office intranet page on which security incidents can be directly reported.

  • The CISO office has established liaison officers who act as primary and secondary contacts for the Alliander organisational units. 

  • The CISO office offers various security services, such as penetration tests, security monitoring and training.

We also engage in coalitions with network operators, the scientific community, industry and knowledge institutions so that we can create the required digital products and services faster and more efficiently. 

We have real-time insight into the status of the landscape and we are doing everything possible to automate service management and service assurance.

Objectives and results in 2024

For the objectives and results, please refer to the ‘Objectives and results in 2024’ subsection in the Privacy subtopic.