1 Personal Information Policy
1.1 What is personal information?
As part of the identity verification processes your personal details will be matched to information held by the issuer or official record holder via third party systems;
1.2 What is the purpose for collecting personal information?
We only collect personal information that is reasonably necessary for our business functions and activities.
1.3 How do we collect personal and non-personal information?
We can only collect personal information about you by a lawful and fair means.
We may collect information from you directly, such as when you complete an application form including an online application form, a contract or make an inquiry.
1.4 How do we collect information on our websites?
If you are using one of our websites, you will browse anonymously, except as set out below.
1.5 Using and disclosing personal information
2 Direct marketing
From time to time, we may use the personal information collected from you for direct marketing purposes, such as targeted advertising on new vehicles, maintenance, promotions, special offers and other information which we think you may find interesting. If we do contact you in this way, it will only be in relation to matters that customers would reasonably expect us to contact them directly about. We will ensure that our marketing activities comply with applicable laws. We may contact you by telephone, email or SMS for these purposes. If we have disclosed your personal information to other Entities within the Group, we may tailor marketing to you, by combining information about you which is held by the other Entities with the information we hold. However, other Entities will only use that information for direct marketing purposes if you have given your consent to do so. If you do not wish to receive any direct marketing communications from us, you may at any time decline to receive such information by contacting us as set out in Part 4 below. You can also follow the instructions for unsubscribing in our direct marketing communications. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity. We do not sell personal information to third party organisations to allow them to contact you for direct marketing purposes. We will only use your health information for the purposes of direct marketing if you have consented to us using the information for that purpose.
3 Keeping personal information secure
Your personal information (including your credit information and sensitive information) may be held by us in electronic form on our secure servers and may also be held in paper form. We may use cloud storage to store the personal information (including credit information and sensitive information) we hold about you. The security of your information is very important to us and we have security measures to protect any personal, credit or sensitive information that we hold. Before disclosing personal information to a customer, we confirm the identity of that customer to prevent misuse or unlawful disclosure of the information.
We have security measures to ensure the physical security of personal information held on our premises and systems. When records containing personal information are no longer required, we delete the information or permanently de-identify it. In relation to data stored or transmitted electronically, we regularly review developments in security and encryption technologies. Unfortunately, no data transmission over the internet can be guaranteed as completely secure. We take all reasonable steps to protect the information in our systems from misuse, interference, loss, and any unauthorised access, modification or disclosure. We take reasonable steps to preserve the security of cookie and personal information in accordance with this policy. If your browser is suitably configured, it will advise you whether the information you are sending us will be secure (encrypted) or not secure (unencrypted).
4 Access and correction of personal information
You are entitled under the Privacy Act to access the personal information (including credit information and sensitive information) we hold about you and (provided that it is reasonable and practicable) to do so in a manner that you request. We will need to validate the identity of anyone making an access request, to ensure that we do not provide your information to anyone who does not have the right to that information. We will provide you access within 30 days if it is reasonable and practicable to do so, but in some circumstances it may take longer (for example, if we need to contact other entities to properly investigate your request). There may be situations where we may refuse to provide you with access, such as where the information relates to existing or anticipated legal proceedings, if the request is vexatious or if the information is commercially sensitive. If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint. We do not usually charge you for access to your personal information. However, if the request is complex, we may charge you the marginal cost of providing the access, such as staff costs of locating and collating information or copying costs.
If you feel that the personal information (including the credit information and sensitive information) we hold about you is incorrect, you are able to contact us at any time to request that we correct that information. If you would like to do so please contact our Privacy Officer using the contact details in Part 8 below. If appropriate we will correct the information at the time of the request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected the personal information. We may need to consult with other entities as a part of our investigation (including other credit providers or CRBs). We will normally try to resolve correction requests within 30 days of you making a request. There will be no cost to you if we correct your personal information held by us.
If you believe that we have not complied with our obligations relating to your personal information (including your credit information and sensitive information), please contact our Privacy Officer as follows: By phone: 0418 918 420 between 9am and 5pm Monday to Friday By email:email@example.com We will investigate your complaint and respond within 30 days with a proposed resolution.
If you feel we have not properly dealt with a complaint, you may contact the Office of the Australian Information Commissioner at firstname.lastname@example.org or on 1300 363 992.