Consumers and end-users (S4)

At Alliander, we believe energy is a basic need. We stand for an energy supply that is affordable, reliable and accessible to everyone on equal terms. It follows that Alliander’s customers are among our most important stakeholders. Within that group, we distinguish between business customers and consumers, specifically in terms of our network management activities in our area of operation. The following subtopics and sub-subtopics are material for our customers:

  • Privacy.

  • Personal safety of consumers and/or end-users.

  • Access to products and services.

Customers are regarded as stakeholders in stakeholder management. In 2025, like in 2024, there were no reports of human rights violations concerning consumers and end-users. At present, we do not have a (fully developed) human rights policy. Work is being done in the organisation involving human rights in relation to consumers and end-users. We expect our business partners to view their own customers as important stakeholders and serve customers accordingly, for instance by establishing a complaints process.

Privacy

Alliander has a firm grip on the swift and controlled achievement of its social mission. Meeting our objectives inevitably involves processing personal data. At the same time, Alliander greatly values the trust of its customers, employees and society, even as it looks towards the current rapid growth of the organisation. The Management Board therefore seeks to maintain adequate personal data protection and respect the privacy of all customers, employees and other data subjects.

Impacts, risks and opportunities

  • Negative impact – A data confidentiality breach in relation to the management of our electricity and gas networks could lead to the misuse of customers’ personal data.

Policy and approach

Privacy policy

We have a privacy policy in order to address potential negative effects. Alliander’s Privacy Policy sets out the processes for the organisation, implementation, operation, management, monitoring and continuous improvement of privacy within Alliander and its subsidiaries. Alliander’s Privacy Policy has been approved by the Management Board and is evaluated annually to make sure it is up to date, fair and complete, and it is modified where required. The policy concerns all Alliander customers and employees. Stakeholders expect us to use their data and personal details safely and carefully. Data exchange has become a permanent social and economic phenomenon. Exchanging and storing privacy-sensitive data requires maximum security at all times.

The privacy statement is available online on Alliander’s website. It includes detailed information on data processing and the procedure for making complaints. Alliander also has a whistleblower policy.

Actions

  • The Alliander Privacy Office uses a risk register which prescribes appropriate measures. The register contains relevant measures from the privacy-by-design instruments and ISO 27701, which are linked to privacy maturity levels. The maturity levels enable Alliander to set a target level per topic and data domain/organisational unit and to assess the status of personal data protection within the organisation.

  • Besides the existing GDPR privacy controls in the various organisational units, the Privacy Control Framework (PCF) became available in 2025 in the form of a reporting tool including dashboards. The PCF contains instruments that translate the GDPR into a data protection quality cycle for Alliander processes as indicated in the 1Alliander Process Model. The framework thus offers specific tools to guarantee the secure handling of personal data within the organisation. We also started sending out quarterly Privacy Updates to the relevant organisational units in 2025, with a summary of their personal data processing operations, risks and any data breaches.

To prevent misuse of personal data, data protection impact assessments are performed by the Privacy Officers. When misuse does occur, it is usually due to a data leak. Measures are then taken to seal the leak and notify the affected persons and, where necessary, the Dutch Data Protection Authority.

Objectives and results in 2025

Alliander respects the privacy of its employees and customers. This means that we exercise due care in using their personal data and treat it confidentially. We meet the requirements set out in the law implementing the General Data Protection Regulation (GDPR). Customers and employees can be confident that Alliander handles personal data with care and acts immediately if the integrity of that data is threatened.

We measure our privacy and data protection performance (privacy maturity) by the number of identified leaks reported to the Data Protection Authority and affected customers. In 2025, like in 2024, there were no data breaches involving customers that required reporting to the Dutch Data Protection Authority and the customers concerned. At present, no significant objectives and actions have been formulated in connection with ESRS; however, other measures are discussed in this chapter.

Personal safety of consumers and/or end-users

For Alliander, the ‘personal safety of consumers and/or end-users’ subtopic translates into safe infrastructure. Work on gas and electricity infrastructure involves risks. Safe working practices without incidents are vital for all stakeholders and are our highest priority. The possibility that incidents could occur in the energy network demands a targeted approach. To achieve this, we ensure that we understand the risks and take action to mitigate them.

Safe infrastructure is vital for all those involved. Employees expect a working environment where they can concentrate and work safely. Customers expect us to guarantee their safety during the performance of our work. Safety incidents can also involve members of the public, visitors or passers-by at locations where we are working. Occasionally, discharges of gas or electricity may occur that endanger or cause damage to the surrounding area. Accidents affecting individual lives caused by our networks always have a very severe impact.

Impacts, risks and opportunities

  • Potential negative impact – Unsafe conditions in the infrastructure (our electricity and gas networks) could cause death or injury to customers or members of the public.

  • Risk – Safety incidents involving the management of our electricity and gas networks lead to reputational damage, compensation and fines.

Policy and approach

Electricity Network Code

The Electricity Network Code (Netcode Elektriciteit) contains requirements for network operators and users in three areas:

  • Operation of the networks.

  • Connecting customers to the networks.

  • Transmitting electricity through the networks.

The equivalent requirements for gas are set out in the Dutch Gas Act. We want to maintain the optimal reliability and safety of the network by performing maintenance in a targeted way. We call this value-focused maintenance. Maintenance is focused on ensuring the ongoing safety and reliability of the networks.

For a description of the policy, please refer to the ‘Own workforce (S1)’ topic, the ‘Health and safety’ sub-subtopic and the ‘Safety controls’, ‘Broad safety expertise’ and ‘Safe behaviour’ paragraphs.

Actions

  • Alliander has an active Incident Review Group, at which incidents, accidents and near-misses are discussed with the aim of learning from them and improving the safety and quality of our facilities. We work constantly on improving a safe infrastructure, both for our own people and for our partners and customers.

  • In major outages and emergencies, an internal crisis organisation is mobilised. Within this organisation, staff members of various departments work on-call shifts. Depending on the nature and scale of the incident, we set up a case and/or investigation team when the crisis is over to assist with and finalise any internal and/or external investigations. All major incidents are evaluated to identify and implement possible improvements.

Objectives and results in 2025

At Alliander, our safety objective is ‘Everyone safely home! With zero accidents.’ There were 4 accidents involving members of the public in 2025 (2024: 0). For these purposes, a ‘member of the public’ is defined as a person who does not have a direct role in network management activities, but is present nearby such activities. In this report, only members of the public who are involved in an incident as a result of these activities are included.

Access to products and services

The vast majority of Alliander’s products and services concern access to energy. Energy is a basic need for our everyday lives. Being able to offer connection to the energy network and acting with social empathy to prevent disconnection are therefore high priorities. Amidst the ongoing transformation of the energy system, it is vital to ensure that everyone retains access to affordable energy on equal terms. Our products also have a digital component. Customers count on excellent service, communication and handling of interruptions, questions and complaints. When they contact Liander, they want to feel they are being listened to and helped, know where they stand, and feel at ease.

Stakeholders can report complaints or misconduct relating to our company and work carried out on our behalf through Liander.nl and our telephone customer service.

We have defined Access to Energy and Cybersecurity as the key issues under this subtopic. We are successively drawing up a policy and approach, measures and objectives for both issues.

Access to energy

Impacts, risks and opportunities

  • Positive impact – Customers get access to electricity and gas, which increases their well-being.

  • Risk – Disruptions to electricity and gas supplies lead to compensation payments.

  • Risk – Increasing pressure on limited network capacity, resulting in increased maintenance times, may lead to compensation claims.

  • Opportunity – Innovative solutions improve access to power and grid management, leading to higher revenue or lower costs.

Policy and approach

Energy laws and codes

The way in which managers and users of electricity and gas should behave is largely laid down in the Dutch Gas Act and the Dutch Electricity Act. Both these acts were replaced by the new Dutch Energy Act as of 1 January 2026. In addition, more operational and detailed rules will be established in subordinate legislation and energy codes, which are issued by the ACM and contain agreements between the users and managers of the gas and electricity network. They are available on ACM’s website. Important changes to the regulations are made public through the Netherlands Government Gazette and other channels. The Dutch Gas Act and Dutch Electricity Act contain provisions relating to tariff structures, terms and conditions, and the application of compensation resulting from outages. The ACM checks compliance with the codes.

The Electricity Network Code and the Gas Task Code contain provisions on the operation of the networks, connecting customers and the transmission of electricity. Liander as network operator has a duty of connection and a duty of non-discrimination. All consumers and business customers are connected and given equal treatment. This means that we do not further subdivide customers into different types.

Security of supply is covered in Article 11 of the Electricity Network Code and Article 2 of the Gas Task Code. Security of supply means that the supply of electricity and gas to small consumers must be continuous. Specific obligations are imposed on energy suppliers, the parties responsible for network balancing and for metering, and regional network operators. These responsibilities have been laid down by MFF-HetNormo (the Market Facilitation Forum and central data sharing entity) in a standardised process model called the Detailed Process Model for Security of Electricity and Gas Supply. MFF-HetNormo shares these agreements with participants and other stakeholders on its website. In addition to MFF-HetNormo, Energy Data Services Nederland B.V. also plays an important role in facilitating these processes. This company’s tasks include managing the Central Connections Register, which makes it possible for customers to switch between energy suppliers. Regional network operators ensure that switches between energy suppliers run as smoothly as possible and that small consumers always have access to gas and electricity.

Disconnection policy

The disconnection policy is set out in the Ministerial disconnection policy for small consumers of electricity and gas regulation (Disconnection Policy Regulation). The regulation specifies that network operators must terminate the supply of electricity or gas in cases where:

  • The customer requests it.

  • There is a case of fraud or the conditions are unsafe.

  • There is no known supplier (active energy contract) for the connection.

The Disconnection Policy Regulation and the Electricity and Gas Information Code set out the responsibilities in the event that a contract is terminated by a supplier (termination of supply). Disconnections are carried out by the network operator on the basis of a supply termination notice, by physically disconnecting the meter at the customer’s premises. This is done in accordance with the standardised Termination of Supply market process prescribed under Retail Processes in the MFF-HetNormo Market and Subprocesses.

The operation of the Disconnection Policy Regulation is discussed in the Flanking Policy working group at Netbeheer Nederland, whose participants also include the Ministries of Climate and Green Growth, Social Affairs and Employment Opportunities, and the industry association Energie Nederland. These parties are also consulted when the Disconnection Policy Regulation needs to be amended. The network operators prepare their input for these consultations jointly within the Disconnection Policy working group.

The number of supply terminations and disconnections is provided monthly by the various parties to Netbeheer Nederland, which then shares the aggregated data with the Ministries of Climate and Green Growth, and Social Affairs and Employment Opportunities.

Energy poverty prevention policy

The government’s introduction of the Disconnection Policy Regulation in April 2023 is intended to give consumers who struggle to pay their energy bills better protection against being cut off. Customers eligible for solutions to payment difficulties, which are often the cause of disconnection, are often unable to obtain them in good time. Customers for whom Liander receives a supply termination notice are referred again to debt counselling. The network operators are striving to ensure that they stop receiving supply termination notices for households that include vulnerable consumers and/or are in energy poverty. However, the new disconnection policy under the Energy Regulation, effective from 2026, does not ban this. In addition to network operators, other key partners, such as the Energy Bank, energy suppliers and local authorities, are also exploring ways to improve the disconnection process. In this context, Radboud University and Erasmus University are currently conducting a study focused on reducing energy inequality through alternative disconnection policies. This study, together with previous studies by network operators, is intended to provide input for a vision and plan for future system changes that include safeguards to prevent vulnerable consumers from being disconnected.

Within Alliander, the director of the Market Services department has overall responsibility for implementing policy on security of supply, the disconnection policy and the policy to prevent energy poverty. The department also ensures that this policy is agreed with government and authorities, such as the Ministry of Climate Policy and Green Growth, the Netherlands Authority for Consumers & Markets, and with partners in the industry such as the NVVK (the industry association for debt relief and financial services), MFF-HetNormo, energy suppliers and other regional network operators.

Congestion management

We are working to address network congestion. The grid is not being expanded and upgraded quickly enough. Due to shortages of workers, resources and space, as well as lengthy permitting processes, the waiting lists continue to grow. This is why we are working on solutions to better utilise the grid as it is today,

with the help of market parties and customers. Together, we are exploring how to reduce consumption peaks and further shift demand to quieter periods. We do this by entering into capacity-limiting contracts (CBCs). In 2025, we entered into several day-ahead contracts: CBC-A (on call) and CBC-T (fixed time window). Under these contracts, Liander and the customers in question agree on when the customer can or cannot use the additional capacity. This can be based on fixed time agreements or on an ‘on-call’ basis, where Liander lets the customer know one day in advance when they have to consume less capacity and how much less. This applies both to receiving electricity from the grid and feeding electricity into the grid. Next, Liander issues a request for reduced capacity on GOPACS, to which Congestion Service Providers (CSPs) respond on behalf of the customer. At the agreed time, the customer is switched back by the CSP. We also assess, on a case-by-case basis, whether and how the outage reserve can be used to help customers on the waiting list. These customers will then not be able to use the contracted capacity during an outage or maintenance. Additionally, we are looking into and testing where and when we can increase the load on our assets. Using the latest innovations, we are gaining better insight into grid loads and are able to prevent overloading safely and sustainably using tools such as the Realtime Interface (RTI). These efforts will allow us to connect more and more customers.

Customer convenience

The key determining factor of customer satisfaction is their perception of convenience in their contacts with parties such as our technicians and our Customer Contact Centre. Immediately after completion of a job, we ask customers for feedback on our services. The Customer Effort Score (CES) gives us insight into the perceived convenience and areas for improvement in our services. In 2025, Alliander switched from the Net Effort Score (NES) to the Customer Effort Score (CES) to measure customer convenience. While the NES calculates the difference between the percentage of customers experiencing convenience and those finding it difficult to use a company’s services, the CES focuses solely on the proportion of customers who have to put effort into their dealings with a company. Alliander aims to reduce the effort its customers have to exert in their interactions with Alliander, which is why the CES is better suited as a management tool.

Customers count on excellent service, communication and handling of service interruptions, questions and complaints. Business customers expect a clear point of contact and expect us to deliver on our commitments. Focusing on customer satisfaction is a priority.

Our CES is increasingly under pressure, as customers sometimes feel that they are not being offered a solution or prospects, or because cases are closed without a solution. As a result, customers give the overall process a negative rating, which pushes up the effort score. This effect is amplified by the fact that we survey a broader group of customers for our CES. Our strategic focus in this respect rests on three pillars:

  • End-to-end management in the value chain – managing and setting priorities based on customer value.

  • Predictable and proactive communication – informing customers clearly and in a timely manner about status and next steps.

  • Data-driven feedback.

Actions

Uninterrupted delivery

  • If an outage occurs, customers want to be informed as soon as possible about its nature, extent and probable duration. We provide this information to customers by text message.

Energy poverty

  • In April 2024, clear guidelines on energy poverty were issued by the EU. These require certain changes to be made to our policy and market model. The Ministry of Climate Policy and Green Growth is currently working on an amendment to the Ministerial Disconnection Policy from the Energy Regulation under the Energy Act (also referred to as the General Disconnection Policy). This amendment, coordinated with the Ministry of Social Affairs and Employment, ensures that provider obligations for contract termination are more closely aligned with the early warning system and municipal debt counselling programmes (Municipal Debt Counselling Act).

  • In 2025, Alliander made a one-time financial contribution to the Dutch Temporary Energy Emergency Fund, which covers part of the energy bill for qualifying households over a period of six months following their application. These payments are made through their energy provider.

  • Together with value chain partners, Alliander has worked on a vision and plan geared towards preventing (energy) debt and energy poverty, and towards guaranteeing energy access and affordability.

Congestion management

  • To better utilise network capacity and help customers get connected more quickly, we focus on managing supply and demand. We do this by steering customer behaviour through customer insights and various kinds of flexible contracts to help prevent peak loads and better distribute available capacity. Our efforts in this respect include running awareness campaigns that include explainer videos, monitoring instances where customers exceed their contracted capacity and offering consumers handy tools such as smart EV charging. In all of this, we team up with public institutions and housing corporations to increase impact and ensure broad support.

  • We are investing heavily in the energy network. We do so proactively, including through our neighbourhood approach, but also reactively through capacity assessments and by monitoring network loads across all network levels.

  • We are exploring ways to better utilise the existing network. First we look at the network-related technical solutions we could apply, such as increasing loads or using emergency capacity. If this does not provide enough capacity, we switch to congestion management. This starts with a congestion management study, following which we ask existing customers if they could be flexible in their energy usage. If necessary, we can make it mandatory for customers with capacity above 1 MW to switch to flexible usage. If this still does not free up sufficient capacity, we can apply non-market-based congestion management at a market-based tariff.

  • We offered customers various types of flexible contracts, including CBCs, redispatch contracts and group contracts (GTOs or Group CBCs). Given our commitment to working with the market on this, we try to partner with CSPs under a framework agreement as much as possible.

  • Since a sustainable, future-proof energy system will always require flexibility, we are also working on contract types that can be used when we are not applying congestion management. These are the so-called ‘alternative transport rights’ (ATRs). In 2026, we will be able to offer customers the first block power contracts.

  • We have set up a number of measures that we take as soon as we notice the grid getting overloaded. These measures include reducing feed-in from customers who have an RTI device. If there is a real risk of overloading, we can also disconnect customers who are feeding electricity into the grid. When it comes to consumption, we can disconnect medium-voltage stations as a last resort only.

Customer convenience

  • We have created a central customer profile that employees can use, implemented a customer awareness programme and ensure that customers receive information about the status of their requests, outages and (work being done on) the energy network, including information about what they themselves can do.

Objectives and results in 2025

Alliander’s long-term objective in terms of access to energy is to ensure that the switch to sustainable energy is achieved in a manageable way, so that the future energy system remains affordable, reliable and available to everyone on equal terms. Nobody should be excluded from participating in society by energy poverty. To make this measurable, we work with various KPIs.

Uninterrupted delivery

We monitor security of power supply based on the power outage duration KPI, which records the average number of outage minutes per connection. The target for 2025 was 26 minutes (2024: 23 minutes). The average power outage duration in 2025 was 23.6 minutes (2024: 24.6 minutes).

To monitor gas supply security, the KPI we use is the average gas outage duration per gas network connection (in seconds). The average gas outage duration in 2025 was 43 seconds (2024: 104 seconds). With respect to the duration of gas outages, we have set a benchmark of below 105 seconds without formulating a specific target. Note that the gas outage duration is largely determined by isolated events.

The electricity and gas outage durations of our German operations are consolidated using a revenue-based allocation key. Revenue provides a reproducible and transparent measure for the ratio between the different activities.

The average outage duration
per electricity network connection (minutes)
Average outage duration
per gas network connection (seconds)

Congestion management

Congestion management targets are measured using two specific KPIs:

The number of transmission restrictions imposed by Liander (2025 target: 8,535). The number of transmission restrictions represents the number of current transmission restrictions where the customer (within the technical limits) is unable to transport the desired amount of power through their existing connection (type 4). In 2025, 7,044 transmission restrictions were imposed (2024: 6,862). Due to increasing demand for capacity, partly as a result of the energy transition, parts of the power grid are reaching full capacity faster than Liander can expand the network. However, we expect the number of transmission restrictions to gradually decrease as alternative contract types are rolled out and the network is expanded. From 2026, we will align our definition of transmission restrictions with the sector-wide definition, which includes both internal transmission restrictions and externally imposed transmission restrictions.

The number of CBCs concluded. The number of CBCs concluded is the number of CBCs that came into effect at any point during the reporting year. A CBC (from the Dutch for ‘capacity-limiting contract’) is an agreement whereby the customer consents to reduce their electricity consumption. There are several different types of CBCs. A CBC-T is a capacity-limiting contract in which fixed time windows are agreed with the counterparty for the full duration of the contract. The time windows may vary by customer and station, and by time of day, week/weekend or month. Under the CBC-A agreement with a business customer, Liander is entitled to ‘call’ a capacity limitation one day in advance. The customer receives compensation from Liander in exchange. In a mandatory bid contract, a congestion service provider (CSP) undertakes to make flexible capacity available when congestion occurs in an area where the provider is active.

In 2025, 216 capacity-limiting contracts were concluded (2024: 104). The target for 2025 was 1,029 (2024: 1,300). This is the number of capacity-limiting contracts that took effect during 2025. Growth in this number is still lagging, however, because the contracting process is still too slow, even though it is improving, and because a large portion of potential contracts are still being prepared.

Customer convenience

The Customer Effort Score (CES) is our benchmark for customer service. The CES is divided into four segments, each with a specific target: Private Customers (17%), Business Customers (22%), Maintenance & Outages (9%) and Large Corporate (30%).

Customer convenience (% effort)

The Customer Effort Score (CES) reflects the extent to which customers and market parties feel they have to put in an effort to achieve a requested outcome in dealing with Alliander (% effort). Monitoring these targets is a priority, as the CES guides us in achieving process simplification, predictable lead times and transparent communication. The CES is embedded in our corporate dashboard, which makes it a variable that has a bearing on our decision-making.

Cybersecurity

Impacts, risks and opportunities

  • Risk – Cyberattacks threaten electricity operations, leading to compensation payments and costs in relation to the attack.

Policy and approach

The Strategic Alliander Security Policy sets out how security is organised and managed. This policy was drawn up by the Management Board, based on ISO 27000. The Security Rules of Conduct form part of the policy. These set out how the Alliander N.V. organisation and its subsidiaries should contribute to Alliander’s security.

The Chief Information Security Officer (CISO) defines Alliander’s standards (controls) for each security domain under ISO 27002 (organisation, personnel, physical and technical). This Alliander-specific content is updated annually. The standards then form the basis for the specific measures. Organisational units must in principle abide by the standards, but may deviate from the set of measures in accordance with the ‘comply or explain’ principle. Deviations from the set of measures must be evaluated and approved by the CISO.

The processes for ensuring data security are drawn up under the auspices of the CISO. The overall system for ensuring data security is based on ISO 27000. Validations are currently ongoing within Alliander for the partial ISMSs under ISO 27001. This will apply in the future to the Alliander-wide Information Security Management System.

Actions

The CISO Office operates from five strategic pillars to make Alliander resilient and future-proof in an increasingly complex digital landscape. These strategic pillars are:

  • Security maturity: Increasing the security maturity of all organisational units to at least level 2 of the Cybersecurity Capability Maturity Model (C2M2) by 2027.

  • Alliander ISMS: Implementing an organisation-wide information security management system (ISMS) to ensure demonstrable control and compliance, with certification planned for 2026.

  • Business continuity management: Ensuring continuity through robust plans and measures for critical processes and systems.

  • Security by design: Integrating security into all digitalisation initiatives from the design phase.

  • Resilience: Strengthening resilience against cyber threats and geopolitical risks through collaboration and innovation.

Together, these strategic pillars make up the foundation for a secure, reliable and agile organisation that is ready to face the challenges of tomorrow.

To make employees cybersecurity-aware, we have taken the following measures:

  • There is a CISO office intranet page on which security incidents can be directly reported.

  • The CISO office has established liaison officers who act as primary and secondary contacts for the Alliander organisational units.

  • The CISO office offers various security services, such as penetration tests, security monitoring and training.

We also engage in coalitions with network operators, the scientific community, industry and knowledge institutions so that we can create the required digital products and services faster and more efficiently.

We have real-time insight into the status of the landscape and we are doing everything possible to automate the response to matters found in the landscape.

Objectives and results in 2025

For the objectives and results, please refer to the ‘Objectives and results in 2025’ paragraph in the Privacy subtopic.