We collect personal information directly from you in person and from your communication with us, including by telephone, email, form, letter, facsimile or other means. For example, we may collect your personal information directly from you when:
We may also collect your personal information from a third party or publicly available source for the purpose of providing our services to you.
We collect, store, use, and disclose personal information for purposes relating to our accounting, financial, and lending functions and activities. For example, we may collect, store, use, or disclose your personal information for one or more of the following purposes:
The types of personal information that we collect and store about you depends on the type of product or service that we are providing to you.
The personal information that we collect and store about you may include:
We do not collect sensitive information about you unless required by law, or if you have consented to it. Sensitive information includes information relating to:
We may collect your health information with your consent, where it is relevant to provide our services including obtaining insurance for you.
If you choose not to provide information to us, we may not be able to provide you with our products or services.
We are committed to keeping your personal information secure. We will take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification and disclosure. We store your personal information in different ways, including in paper and electronic format. The measures we take to protect the security of your personal information include electronic and physical security measures, such as:
Where the information we collect is no longer required, we will delete the information or permanently de-identify it.
We may disclose your personal information to third parties for the purpose of providing our services including the following third parties:
Some of our Service Providers and third parties, to whom we may disclose your personal information, may be located overseas. We conduct suitable due diligence and risk assessments, including data security, of all third parties prior to engaging them or using their services.
We do not sell personal information to third parties.
We may additionally use or disclose personal information where authorised or required by law.
Under the Australian Privacy Principles and Health Privacy Principles you have rights to access personal information and health information respectively that we store about you, except as set out below. If you wish to access the information, please contact our Privacy Officer at email@example.com.
In some circumstances, we may refuse to give you access to your personal information or health information. Those circumstances are set out in the Australian Privacy Principles and Health Privacy Principles respectively and include situations when your request may unreasonably impact on another person’s right to privacy and frivolous or vexatious requests. If we are entitled under the Australian Privacy Principles or Health Privacy Principles, to refuse to give you access to your personal information or health information respectively, we will tell you and provide reasons for our decision.
We reserve the right to charge a reasonable fee for fulfilling your request for access to your personal information or health information.
In the event of a significant data breach, under the Notifiable Data Breaches (“NDB”) scheme we may be required to notify individuals who are likely to suffer serious harm as a result of an eligible data breach. We must also notify the Privacy Commissioner.
If you access our website, we may collect additional information about you in the form of your IP address or domain name.
We may, from time to time, provide you with links to websites owned or operated by unrelated third parties. These websites are not under our control and we are not responsible for their respective privacy handling policies. We suggest that you read theses websites’ privacy policies before disclosing personal information to them.
If you have a complaint, we will respond and advise whether we agree with your complaint. If we do not agree, we will provide reasons. If we do agree, we will advise what (if any) action we consider appropriate to take in response. If you are still not satisfied after having contacted us, then if your complaint relates to our handling of your personal information you may contact the Office of the Australian Information Commissioner or, alternatively, if your complaint relates to our handling of your health information, you may contact the Office of the Health Services Commissioner.
You may contact the Office of the Australian Information Commissioner by:
Phone: 1300 363 992
Post: GPO Box 5218, Sydney, NSW 2001
You may contact the Office of the Health Services Commissioner by:
Phone: 1300 582 113
Post: Level 26, 570 Bourke Street, Melbourne, VIC 3000