Privacy Policy

Issued 19 February 2016

Who are we?

‘We’, ‘us’ and ‘our’ refer to Credit Concierge Pty Ltd ACN 625 017 165 Australian Credit Licence 511803 and our subsidiaries and related businesses.

Our commitments to protect your privacy

We understand how important it is to protect your personal information. This document sets out our privacy policy commitment in respect of personal information we hold about you and what we do with that information.

We recognise that any personal information we collect about you will only be used for the purposes we have collected it or as allowed by law. It is important to us that you are confident that any personal information we hold about you will be treated in a way that ensures protection of your personal information.

Our commitment in respect of personal information is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Privacy Act), the Privacy (Credit Reporting) Code 2014 (Credit Reporting Code) and any other relevant laws.

Personal information

When we refer to personal information we mean information from which your identity is reasonably apparent. This information may include information or an opinion about you.

The kinds of personal information we may collect about you include your name, date of birth, address, email address, phone number, account details, occupation, transaction history and any other information we may need to identify you.

If you are applying for finance we may also collect the ages and number of your dependants and cohabitants, the length of time at your current address, your employment details and proof of earnings and expenses, and your Tax File Number or tax residency status.

When you visit our websites or use our mobile apps, we collect your location information, IP address, mobile device and network information and any third party sites you access. For more information on how we do this, visit www.creditconcierge.com.au and click on the Cookies link at the bottom of the page.

The personal information we may collect, hold and use may include your Credit-related information.

Credit-related information means:

  • Credit information is personal information or an opinion about you that has a bearing on credit that has been provided to you or that you have applied for. This includes information about your identity; the type, terms and maximum amount of credit provided to you, including when that credit was provided and when it was repaid; repayment history information, default information (including overdue payments); payment information; new arrangement information; financial hardship arrangement information including whether you have made a financial hardship arrangement with us; details of any serious credit infringements; court proceedings information; personal insolvency information and publicly available information; and
  • Credit eligibility information, which is credit reporting information supplied to us by a credit reporting body, and any information that we derive from it.

We use your credit-related information to assess your eligibility to be provided with finance. Usually, credit-related information is exchanged between credit and finance providers and credit reporting bodies.

If you want to make purchases from or through us we will also collect your payment information. We will also collect this information if we need to make payments to you. If you apply for employment with us we will collect information about your work history and ask your referees about you.

Why we collect your personal information

We collect and receive personal information about you (including credit-related information) in order to conduct our business including for the purposes of assessing your application for finance and managing that finance, establishing your identity, contacting you, managing our risk, and to comply with our legal obligations. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. Improvements in technology also enable organisations like ours to collect and use information to get a more integrated view of our customers. From time to time we may offer you other products and services.

If you apply for employment with us we will collect information about you to assist us to decide whether to appoint you and to thereafter manage your relationship with us.

We collect payment information in order to process your payments.

How do we collect your personal information?

Where reasonable and practical we will collect your personal information directly from you. We may also collect information about you that is publicly available, such as from public registers or social media, or made available by third parties. We may also collect your personal information from credit reporting bodies, lenders, finance brokers, employers and other people such as accountants, lawyers, car dealers, and referees.

Do we disclose your personal information?

We may disclose your personal information:

  • to existing or prospective funders or other intermediaries in relation to your finance requirements;
  • to other guarantors, borrowers and other security providers (if more than one);
  • to borrowers or prospective borrowers, including in relation to any credit you guarantee or propose to guarantee;
  • to other organisations that are involved in managing or administering your finance such as valuers, surveyors, third party suppliers, printing and postal services, call centres, lenders, trade insurers, recovery firms, debt collectors, lawyers, insurance companies, car dealers and credit reporting bodies;
  • to our agents, contractors or external service providers to outsource certain functions, for example, statement production, debt recovery and information technology support;
  • to businesses we have a relationship with that may want to market products to you;
  • to companies that provide information and infrastructure systems to us;
  • to anybody who represents you, such as finance brokers, lawyers, guardians, persons holding power of attorney and accountants;
  • to anyone, where you have provided us consent;
  • to our auditors, insurers, re-insurers and health care providers;
  • to claims related providers, such as assessors and investigators who help us with claims;
  • where we are required to do so by law, such as under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 or in accordance with a subpoena or summons issued by a court;
  • to organisations involved in our funding arrangements such as trustees, warehouse funders, investors, rating agencies, agents, auditors or advisers, or any entity that has an interest in our business or your finance;
  • to other financial institutions, for example to process a claim for mistaken payment;
  • organisations that provide products or services used or marketed by us; or
  • to your current or previous employer, referees or identity verification services.

Prior to disclosing any of your personal information to another person or organisation, we will take all reasonable steps to satisfy ourselves that:

  • the person or organisation has a commitment to protecting your personal information at least equal to our commitment; or
  • you have consented to us making the disclosure.

New technologies and data analytic software allows us to combine information we have about you and our other customers, with data sources, such as third party websites or the Australian Bureau of Statistics. We are able to analyse this data to learn more about you and other customers, and how to improve our products and service we provide to you. We may use this combined data to help other businesses better understand their customers, however we will not provide any personal information about you unless we are legally required to.

Credit-related information

We exchange credit-related information for the purposes of assessing your application for finance and managing that finance. If you propose to be a guarantor, one of our checks may involve obtaining a credit report about you.

The credit-related information we hold about you may be held by us in electronic form on our secure servers and may also be held in paper form. We use cloud storage to store personal information and this credit-related information that we hold. The cloud storage and the IT servers may be located outside Australia.

When we obtain credit eligibility information from a credit reporting body about you, we may also seek publicly available information and information about any serious credit infringement that you may have committed.

We may disclose your credit-related information to overseas entities that provide support functions to us (including in USA, Canada, Malaysia, India, Ireland, the United Kingdom and the Philippines). You may obtain more information about these entities by contacting us. If we disclose your credit-related information to entities that are located overseas, we ensure that appropriate data handling and security arrangements are in place.

The credit reporting bodes we use are Equifax Pty Ltd, Experian Australia Credit Services Pty Ltd and Illion Australia Pty Ltd. You can download a copy of their privacy policies at: equifax.com.au; experian.com.au; or illion.com.au.

Notifiable matters

The law requires us to advise you of ‘notifiable matters’ in relation to how we may use your credit-related information. You may request to have these notifiable matters (and this privacy policy) provided to you in an alternative form.

We exchange your credit-related information with credit reporting bodies. We use the credit-related information that we exchange with the credit reporting body to confirm your identity, assess your creditworthiness, assess your application for finance and manage your finance.

The credit reporting body may provide the information that we report about you to other credit providers to assist them to assess your credit worthiness. We may also obtain information that other credit providers have provided to the credit reporting body to use in our assessments of your credit-worthiness.
The information we may exchange with credit reporting bodies includes your identification details, what type of loans you have, how much you have borrowed, whether or not you have met your loan payment obligations and if you have committed a serious credit infringement (such as fraud).

If you fail to meet your payment obligations in relation to any finance that we have provided or arranged or you have committed a serious credit infringement then we may disclose this information to a credit reporting body.

You have the right to request access to the credit-related information that we hold about you and make a request for us to correct that credit-related information if needed. Please see the heading Access and correction to your personal and credit-related information below.

Sometimes your credit-related information will be used by credit reporting bodies for the purposes of ‘pre-screening’ credit offers on the request of other credit providers. You can contact the credit reporting body at any time to request that your credit-related information is not used in this way.

You may contact the credit reporting body to advise them that you believe that you may have been a victim of fraud. For a period of 21 days after the credit reporting body receives your notification that you have been a victim of fraud, the credit reporting body must not use or disclose that credit-related information. You can contact any of the following credit reporting bodies for more information:

  • equifax.com.au,
  • illion.com.au, or
  • experian.com.au.

Notifiable Data Breaches

The Privacy Act includes a Notifiable Data Breaches (NDB) scheme which requires us to notify you and the Office of the Australian Information Commissioner (OAIC) of certain data breaches and recommend steps you can take to limit the impacts of a breach (for example, a password change).

The NDB scheme requires us to notify about a data breach that is likely to result in serious harm to affected individuals. There are exceptions where notification is not required. For example, where we have already taken appropriate remedial action that removes the risk of serious harm to any individuals.

If we believe there has been a data breach that impacts your personal information and creates a likely risk of serious harm, we will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps we are taking and what you can do to reduce the impacts to your privacy. If you believe that any personal information we hold about you has been impacted by a data breach, you can contact us at [email protected].

Direct marketing

From time to time we may use your personal information to provide you with current information about finance offers you may find of interest, changes to our organisation, or new products or services being offered by us or any company with whom we are associated.

If you do not wish to receive marketing information, you may at any time decline to receive such information by emailing us at [email protected]. If the direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request within a reasonable timeframe.

Updating your personal information

It is important to us that the personal information we hold about you is accurate and up to date. During the course of our relationship with you we may ask you to inform us if any of your personal information has changed.

If you wish to make any changes to your personal information, you may contact us. We will generally rely on you to ensure the information we hold about you is accurate and complete.

Access and correction to your personal and credit information

We will provide you with access to the personal and credit-related information we hold about you. You may request access to any of the personal or credit-related information we hold about you at any time.

We may charge a fee for our costs of retrieving and supplying the information to you.

Depending on the type of request that you make, we may respond to your request immediately. Otherwise, we usually respond to you within seven days of receiving your request. We may need to contact other entities to properly investigate your request.

There may be situations where we are not required to provide you with access to your personal or credit-related information, for example, if the information relates to existing or anticipated legal proceedings, or if your request is vexatious, or if the information is commercially sensitive.

An explanation will be provided to you if we deny you access to the personal or credit-related information we hold about you.

If any of the personal or credit-related information we hold about you is incorrect, inaccurate or out of date you may request that we correct the information. If appropriate we will correct the personal or credit-related information. Otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected your personal or credit-related information within 30 days.

We may need to consult with other entities as part of our investigation.

If we refuse to correct personal or credit-related information we will provide you with our reasons for not correcting the information.

Using government identifiers

When we collect government identifiers, such as your tax file number, we do not use or disclose this information other than as required by law. We will never use a government identifier to identify you.

Business without identifying you

In most circumstances it will be necessary for us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without providing us with personal information, for example, if you make general inquiries about interest rates or current promotional offers.

Sensitive information

We will only collect sensitive information about you with your consent. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health.

How safe and secure is your personal information that we hold?

We will take reasonable steps to protect your personal information by storing it in a secure environment. We may store your personal information in paper and electronic form. We will also take reasonable steps to protect any personal information from misuse, loss and unauthorised access, modification or disclosure.

Complaints

If you are dissatisfied with how we have dealt with your personal or credit-related information, or you have a complaint about our compliance with the Privacy Act and the Credit Reporting Code, you may contact our Customer Resolution Officer by email at [email protected]

We will acknowledge your complaint within seven days. We aim to provide you with a decision on your complaint within 30 days.

If you are dissatisfied with the response of our complaints officer you may make a complaint to our External Dispute Resolution Scheme, the Australian Financial Complaints Authority (AFCA) which can be contacted by phone on 1800 931 678, by email at [email protected], or in writing to GPO Box 3, Melbourne VIC 3001; or the OAIC which can be contacted on either www.oaic.gov.au or 1300 363 992.

Further information

You may request further information about the way we manage your personal or credit-related information by contacting us at [email protected].

Change in our privacy policy

We are constantly reviewing all of our policies and attempt to keep up to date with market expectations. Technology is constantly changing, as is the law and market practices.

As a consequence, we may change this privacy policy from time to time or as the need arises. You can always find the most up-to-date version on our website (www.creditconcierge.com.au).

You may request this privacy policy in an alternative form.

This Privacy Policy was last updated in June 2024.