At Volkswagen Financial Services Australia, we want to provide a safe and secure environment for you to explore what we can offer you. That’s why we’re absolutely committed to protecting your privacy while you look at our content, products and services online.
1. Document Summary & Purpose
It sets out in detail how we manage the “Personal Information” and/or “Credit Information” of or about our customers, employees and other individuals we deal with in the course of our business activities.
We have defined the terms “Personal Information” in section 3 (“Personal Information” defined) and “Credit Information” in section 4 (“Credit Information” defined).
a) Our names (section 2);
b) Why we collect information (section 5);
c) When we collect information (section 7);
d) Types of information we collect (section 3: “Personal Information” and section 4: “Credit Information”);
e) How we collect information (section 8);
f) Whose information we collect (section 6);
g) How we protect your information (section 13);
h) Sending information overseas (section 11);
i) Requesting access to your information (section 14); and
j) Contacting us when, for example, you wish to make a complaint or request access to your information (section 16).
1.1 Changes to Policy
Any changes we make to this Policy will become effective immediately after we have published them and we will apply them to how we will manage the Personal Information or Credit Information of our customers in the future.
2. Our Names
We are Volkswagen Financial Services Australia Pty Ltd ABN 20 097 071 460 (“VWFSA”), a wholly-owned subsidiary of the global financial services organisation, VWFS AG, which is headquartered in Braunschweig, Germany.
In Australia, VWFSA uses various business names including “Volkswagen Financial Services”, “Audi Financial Services”, “ŠKODA Financial Services”, “Ducati Financial Services”, “Jaguar Financial Services” and “Land Rover Financial Services”.
In the remainder of this Policy, we refer to VWFSA or any of the above business names we use simply as “we”, “us” or “our”.
3. “Personal Information” Defined
Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is:
a) True or not; and
b) Recorded in a material form or not.
For the purposes of this Policy, Personal Information includes:
a) “Identification Information” (see the definition in section 17.5 (Identification Information));
b) Financial information: examples are your income, expenses, commitments, debts, savings and investments;
c) Family status and dependants information: examples are whether you are married, single, in a de facto relationship and number and/or ages of children or persons you maintain;
d) Educational and technical qualification: if you have applied for a job with us, or if you have applied for a business or contracting opportunity with us;
e) Immigration and visa status: if you have applied for a job with us or if you have applied for a business or contracting opportunity with us;
f) Sensitive Information (see definition in section 17.11 (Sensitive Information) below); and
g) Credit Information.
4. “Credit Information” Defined
“Credit Information” is Personal Information that includes:
a) Consumer Credit Liability Information (see definition in section 17.1);
b) Repayment History Information (see definition in section 17.10);
c) Information Request (see definition in section 17.6);
d) Information about the type of consumer credit or commercial credit, and the amount of credit, sought in an application:
e) Default Information (see definition in section 17.4);
f) Payment Information (see definition in section 17.8);
g) Personal Insolvency Information (see definition in section 17.9);
h) Credit Worthiness Information (see definition in section 17.3); and
i) Serious Credit Infringement (see definition in section 17.12).
5. Reasons For Collecting Information
In general, we will only collect Personal Information that is reasonably necessary for us to achieve any or a combination of the primary purposes mentioned in section 5.1 and 5.2 below and the secondary purposes mentioned in section 5.3.
5.1 Primary purpose – assess applications & manage accounts
We collect, hold, use and disclose Personal Information for the following primary purposes, that is, to:
a) Assess and/or process your application for any of our products or services and advise you about its outcome;
b) Assess and/or process your application for employment with us and advise you about its outcome;
c) Assess and/or process your application to be engaged as an independent contractor for, or an external services provider to, us and advise you about its outcome;
d) Comply with your instructions from time to time if we establish an account with you, including sending you notices and updating your details;
e) Establish and manage any account we establish including;
f) Assist you to pay any amount due, payable or unpaid in relation to the product or service we have agreed to provide you;
g) Collect any amount due or unpaid in relation to the product or service we have agreed to provide you;
h) Pay your salary, wages or other moneys due or payable in relation to your employment contract and give you notices in connection with your employment with us; and
i) Pay or receive any amount due or payable in relation to any contract for services we have with you and give you notices in connection with the contract for services.
5.2 Primary purpose – to comply with law
We also collect Personal Information in compliance with our legal or regulatory obligations including those we have under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, the National Consumer Credit Protection Act 2009, the Corporations Act 2001, the Privacy Act 1988 (“Privacy Act”) and various Australian employment, taxation and immigration laws.
Furthermore, we will collect Personal Information if we are required by or under a court or tribunal order to collect that information.
If the collection of Personal Information is required by any other law or court or tribunal order, we will advise you of the relevant law or the details of the court or tribunal order at the time of collecting the information or as soon as practicable after we have collected the information.
5.3 Secondary purposes
We collect, hold, use and disclose your Personal Information for any or a combination of the following secondary purposes:
a) Tell you about our products or services unless you tell us to stop;
b) Share it with our brand partners Audi Australia Pty Limited, Škoda Pty Limited and Volkswagen Group Australia Pty Limited and where appropriate, other Australian distributors whose vehicles we finance so that they can tell you about their products or services unless you tell us to stop;
c) Share it with our dealerships and/or authorised credit representatives that introduced you to us unless you tell us to stop.
d) Train our staff;
e) Conduct customer surveys unless you tell us to stop;
f) Conduct employee surveys unless you tell us to stop;
g) Undertake other direct marketing unless you tell us to stop;
h) Undertake market and product research unless you tell us to stop;
i) Develop and improve our products and services;
j) Design, implement, maintain, review, or test our business and information technology systems, processes, infrastructure or platforms;
k) Instruct our legal advisers, accountants, auditors, insurers or other external service providers;
l) Make reports to our senior management in Australia and in Germany; and
m) Manage our risk exposures.
6. Whose Information We Collect
We will collect your Personal Information if you are an individual who:
a) Has applied for, or we have agreed to provide, any of our products or services;
b) Is a guarantor of the individual mentioned in (a) above;
c) Is a professional services provider (such as lawyer, accountant, financial counsellor) to, or is related to, next of kin, referee, witness or personal or legal representative of, the individual mentioned in (a) above;
d) Is an agent, director or authorised officer or employee of a body corporate including a business, organisation or agency, that has applied for, or we have agreed to provide, any of our products or services to;
e) Has applied for employment with us, or we have agreed to employ;
f) Is a referee of the individual mentioned in (e) above;
g) Has applied for to be engaged, or we have agreed to engage, to provide external services to us or to provide such services to;
h) Is a referee, current or past employer or professional services provider of the individual mentioned in (g) above; or
i) Is a visitor to any of our places of business.
7. When We Collect Information
We will collect Personal Information (from you) in the following circumstances:
a) When the individual mentioned in section 6.1 (a) has applied for any of our products or services or during the course of that individual holding a product or service we have agreed to provide them;
b) When managing any account we have established in relation to a product or service we have agreed to provide the individual mentioned in section 6.1 (a) including collecting or attempting to collect any amounts due or payable in relation to any such product or service;
c) When the business, organisation or agency mentioned in section 6.1 (d) has applied for any of our products or services or during the course of that business, organisation or agency holding a product or service we have agreed to provide them;
d) When managing any account we have established in relation to a product or service we have agreed to provide the business, organisation or agency mentioned in section 6.1 (d) including collecting or attempting to collect any amounts due or payable in relation to any such product or service;
e) When any person, business, organisation or agency who is acting on your behalf (such as your accountant, lawyer, financial counsellor, power of attorney or other legal representative) or who you have entered into a contract with or proposing to enter a contract with (such as an insurer) provides your Personal Information to us in relation to a product or service we have agreed or we are proposing to provide you;
f) When you apply for employment with us or we have agreed to employ you;
g) When establishing or managing any account we have established if we have agreed to employ you;
h) When you apply for or we have agreed to enter into a contract for services with you;
i) When a business, organisation or agency you are acting for or you are a director, officer or employee of, has applied for a contract for services with us or we have agreed to engage that business, organisation or agency under a contract for services;
j) When establishing or managing any account in relation to the contract for services mentioned in 7.1 (h) and 7.1 (i);
k) When we are required by or under an Australian law, court or tribunal order or by a regulatory body to collect your Personal Information;
l) When you visit any of our places of business; and
m) When we are conducting a product or market research or a customer survey.
7.2 Credit Information
In addition to the circumstances mentioned in section 7.1 (General), we may collect Credit Information from a Credit Reporting Body (“CRB”) (as defined in section 17.2) when we are assessing a credit application you have made to us or you have made on behalf of a business, organisation or agency.
Also, we will collect and use Credit Information in our own records including information on your payments, repayments or default.
Furthermore, we will obtain Credit Information from other Credit Providers with whom you have or had a credit account.
Finally, we will collect your Credit Information from publicly available sources including personal insolvency information entered or recorded in the National Personal Insolvency Index (as defined in the Bankruptcy Act).
8. How We Collect Information
8.1 Lawful, Reasonable & Transparent Means
We will only collect Personal Information by lawful, fair and transparent means.
Except in a limited number of cases, we will collect Personal Information directly from you and with your consent.
8.2 You do not have to provide information
You are under no legal or moral obligation to provide Personal Information we ask for and we will not oblige you to provide Personal Information (see section 9).
8.3 Consequences for not providing information we request
If you fail or refuse to provide any Personal Information we ask for, we may not be able to do any or a combination of the things mentioned in section 5.1 (Primary purpose – assess product application and manage accounts) or section 5.2 (Primary purpose – to comply with law).
In some cases if we do not collect, use and/or disclose the Personal Information we ask for we may not only risk providing you an unsuitable product or service, but we may also be in breach of our legal or regulatory obligations.
8.4 Important Details about Credit Information
If the information we are collecting includes Credit Information:
a) We are likely to disclose your information to any or all of the following CRB’s as defined in section 17.2 (Credit reporting bodies):
(i) Equifax Pty Ltd - www.equifax.com.au
(ii) Illion Australia Pty Ltd - www.illion.com.au
(iii) Experian Australia Credit Services Pty Ltd - www.experian.com.au
For contact details and information on how credit reporting bodies manage credit information, please see their privacy policies available at the links above.
b) CRB’s may include the information we disclose to them in reports provided to other credit providers as your Credit Worthiness Information (as defined in section 17.3 (Credit worthiness information));
c) If you fail to meet your payment obligations in relation to a consumer credit contract you enter with us, or you commit a “Serious Credit Infringement” (defined in section 17.12 (Serious credit infringement)), we are entitled to disclose this to the the CRB’s outlined in Section 8.4 (a);
d) You can contact the CRB’s outlined in Section 8.4 (a) to:
(i) Obtain their Credit Information management policy;
(ii) Request them not to use your credit reporting information for the purposes of pre-screening of direct marketing by a credit provider; and
(iii) Request them not to use or disclose your credit reporting information, if you believe on reasonable grounds that you have been, or you are likely to be, a victim of fraud; and
e) You can also contact us in relation to your Credit Information in any of the circumstances mentioned in section 16.1 (Reasons for contacting us).
8.5 How we collect information
If reasonable and practicable, we will collect Personal Information or Credit Information directly from you:
a) Using a paper application form;
b) Using an online application form;
c) During a face-to-face meeting or teleconference;
d) Over the telephone or mobile phone;
e) When you send us a facsimile document;
f) When you send us an email; or
g) Via our online websites: www.vwfs.com.au; www.vwfinancialservices.com.au; www.audifinancialservices.com.au: www.skodafinancialservices.com.au; and www.vwfsfleet.com.au; and/or
h) By Facsimile.
8.6 Using third parties to collect information
In some cases, we may authorise another person, such as a motor vehicle dealership, a recruitment organisation or background checking service provider (if you have applied for a job, business or contracting opportunity with us) to collect your Personal Information on our behalf.
8.7 Collecting information from another person
With the exception of the circumstances mentioned in section 8.8 (Related organisations), we will only collect your Personal Information from another person with your express or implied consent. Some third parties from whom we may collect Personal Information include:
a) Your nominated accountant or financial counsellor;
b) Authorised motor vehicle dealerships;
c) Your nominated representative such as lawyer, power of attorney, trustee, any person who purports to be acting on your behalf or any person you have notified us as your referee or next of kin;
d) Professional or business referees you have advised to us;
e) A CRB (as defined in section 17.2) in some circumstances;
f) Another credit provider, financier or financial institution; and
g) Your insurer or broker.
Finally, we may collect Personal Information (other than sensitive) from someone else if it is unreasonable or impracticable to collect the information from you.
8.8 Related organisations
In some cases we may collect your Personal Information from an organisation or person that is related to us if the primary purpose for which that organisation or person collected your information in the first place was or is related to the primary purpose for which we would collect your information.
8.9 Unsolicited information
If we receive your Personal Information which we did not ask for and determine that we are not entitled to collect the information, we will take reasonable steps as soon as practicable to destroy or de-identify the information if it is not contained in a record or document of the Commonwealth government of Australia. If the information is contained in a record or document of the Commonwealth government of Australia we will attempt to return it to you, and failing that, we will return the record to the relevant Commonwealth government agency.
9. Anonymity & Psuedonymity
If it is lawful, practicable and reasonable when collecting Personal Information, we will give you the option of not identifying yourself or the option of your use of a pseudonym.
An example would be where we are conducting a customer, product or market survey or research and it is practicable to obtain the information we want for the purposes of that survey or research without the need for you to tell us your names, date or birth or residential address in particular.
10. Accuracy of Information
We will take all reasonable steps in the circumstances to ensure that Personal Information we collect from or about you is accurate, complete and up-to-date.
Accordingly, in some cases, we may ask you for an independent and reliable document or use an electronic data source to verify that the Personal Information you have given us is accurate, complete and up-to-date.
If we identify any discrepancy between information you provided us and information in an independent and reliable document or electronic data source, we will give you an opportunity to correct or reconcile the discrepancy, if it is reasonable or practicable for us to do so, before using the information for the purposes for which we have collected it.
We may terminate a product or service we have agreed to provide you, your employment with us or your business or contracting relationship with us if we find that the Personal Information we relied on to offer you the product, service, job or business or contracting opportunity was not accurate, complete or up-to-date at the time we collected or used it.
11. Sending Information Overseas
From time to time, we will send data containing Personal Information to our parent and related companies.
Whilst it is not practicable to list every country in which recipients may be located, receipients of such disclosures are likely to include Germany, Singapore and the United Kingdom.
12. Use or Disclosure for Permitted Purposes
We will use or disclose Personal Information we hold if:
a) The use or disclosure of the information is required or authorised by or under an Australian law or a court or tribunal order;
b) A “permitted general situation” (as defined in the Privacy Act) exists in relation to the use or disclosure of the information by us;
c) A “permitted health situation” (as defined in the Privacy Act) exists in relation to the use or disclosure of the information by us; or
d) We reasonably believe that the use or disclosure of the information is reasonably necessary for one or more “enforcement related activities” (as defined in the Privacy Act) conducted by, or on behalf of, an enforcement body.
13. How We Protect Your Information
The security of your Personal Information which we hold is important to us and we take all reasonable steps in the circumstances to protect it from unauthorised access, misuse, interference, loss, disclosure or modification.
We keep your Personal Information which we hold in various formats including paper and electronic formats.
Some of the ways we secure your Personal Information are:
a) Imposing confidentiality of Personal Information requirements on our employees and persons or organisation we will disclose your Personal Intormation to;
b) Implementation of a document storage policy;
c) Password and username measures for access to our information technology and business systems;
d) Verification of customers before disclosing Personal Information;
e) Restrction of access to our buildings; and
f) Electronic security systems such as firewalls and data encryption on our websites.
We can store Personal Information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.
13.2 Destroying and de-identifying of information
In general, we will destroy your Personal Information or any document or record containing Personal Information we no longer need the information or if we are not required by or under an Australian law to keep the information or the document or record beyond a required period.
If it is not practicable to destroy the information or the document or record containing the Personal Information, we will put the document “beyond use” (as defined in the Credit Reporting Code).
In some circumstances, we will “de-identify” Personal Information instead of destroying it including circumstances we are required by or under an Australian law to keep the information or the document or record.
14. Requesting Access To Your Information
You can request access to your Personal Information by contacting us (see section 16.1 (Reasons for contacting us) and section 16.2 (Our contact details)).
Also, you may use a third party (access-seeker) to make a request to us for access to your Personal Information.
14.2 Adequate verification before giving access
In whatever manner and whenever you contact us, we will verify your identity or that of any person you have authorised to be given access to your Personal Information before we agree to give access.
Also, if you authorise an access-seeker to request access to your Personal Information you must do so in writing before we can give them access.
We reserve the right to change our identity verification requirements from time to time without notice.
14.3 Period for giving access to Personal Information
We will endeavour to respond to your request for access to your Personal Information within a reasonable period of time after the date we have verified your identity in accordance with section 14.2 (Adequate verification etc).
If for any reason we cannot or we refuse to give access to your Personal Information within the above timeframe, we will give you a written notice that sets out the reason for the refusal and/or the reasons we are unable to provide access within the above timeframe. If necessary, we may request you to agree to an extension of time to give access.
Also, in any of the above circumstances, we will advise you of how you can make a complaint about our refusal to give access or our failure to give access within a reasonable time.
14.4 Period for giving access to Credit Information
For a request to access your Credit Information, we will endeavour to provide access to you within 30 days of receiving your request, unless unusual circumstances apply. In those circumstances, we will notify you with our reasons (if reasonable for us to do so) and advise you of your right to refer our refusal or failure to provide access within the timeframe to the Australian Financial Complaints Authority (see section 16.5 (Referral to EDR)) and/or to the Privacy Commissioner (see section 16.6 (Referral to Privacy Commissioner)).
14.5 If unreasonable to give access in a particular form
Your request for access may specify the form or manner you wish your information to be provided to you including whether you wish the information to be given to you over the telephone or in writing and by regular post, email or facsimile.
If reasonable or practicable, we will give you access in the form or manner you have specified.
If it is not reasonable or practicable to give you access in the form or manner you have requested, we will take steps that we consider are reasonable in the circumstances to give access in a way that meets both your and our needs, including, giving access through a mutually agreed intermediary.
14.6 Fees and charges
In general, we will not charge you a fee for making a request for access to your Personal Information.
Also, we will not charge you any fee for providing you a copy of this policy in a form you have requested if it is reasonable for us to provide the information in that form.
We may charge a fee for retrieving and preparing the information and/or giving it to you in the manner you have requested it to be provided to you. However, any such fee will not be excessive in the circumstances and will not apply to the making of the request.
We may ask you to pay any charge or fee before we can progress your request.
14.7 When we may refuse access
We will refuse you access to your Personal Information if:
a) We reasonably believe that giving you access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
b) Giving access would have an unreasonable impact on the privacy of other individuals;
c) Your request is frivolous or vexatious;
d) Your request relates to existing or anticipated legal proceedings between you and us, and you would not be able to gain access through a discovery process in those proceedings;
e) Giving access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
f) Giving access would be unlawful;
g) Denying access is required or authorised by or under an Australian law or a court or tribunal order;
h) Both of the following apply:
(i) We have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in; and
(ii) Giving access would be likely to prejudice our taking of appropriate action in relation to the matter;
i) Giving access would be likely to prejudice one or more enforcement related activities (as defined in the Privacy Act) conducted by, or on behalf of, a law enforcement body; or
j) Giving access would reveal evaluative information we have generated in connection with a commercially sensitive decision‑making process.
We may refuse to give access to your Credit Information if:
a) Giving access would be unlawful; or
b) Denying access is required or authorised by or under an Australian law or a court/tribunal order; or
c) Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf or, an enforcement body.
15. Requesting Correction Of Information
15.1 Correcting inaccurate information ourself
If we are satisfied on reasonable grounds that the Personal Information we hold about you is inaccurate, out‑of‑date, incomplete, irrelevant or misleading, we will take appropriate steps to correct the information (see generally, section 10: (Accuracy of information)).
If we correct your Personal Information we will take appropriate steps within 7 days of the correction, to notify you and any other person, organisation. If the information corrected is Credit Information, any “affected information recipient” (as defined in the Privacy Act) or “CRB” to which we had provided the pre-corrected information, that your information has been corrected.
15.2 Asking us to correct your information
You too can ask us to correct the Personal Information we hold about you if you consider the information is not accurate, up‑to‑date, complete, relevant or it is misleading or deceptive.
Also, you may request us to take reasonable, practicable or lawful steps to notify any other organisation to which we provided your Personal Information on a previous occasion, that we have corrected your information.
15.3 Timeframe for correcting Personal Information
If your request relates to Personal Information that is not Credit Information, we will respond to the requests within a reasonable period of time of receiving it.
15.4 Timeframe for correcting Credit Information
If the request relates to your Credit Information, we will respond to the request within 30 days from the date you make the request.
If we are not able to meet the above timeframe we will seek your written consent for an extension of time to respond to your request.
15.5 No fees for requests
We will not charge you any fees for making a request to us to correct your information.
15.6 If we refuse to correct information
If we refuse to correct your Personal Information, we will give you a written notice that sets out:
a) The reasons for the refusal except to the extent that it would be unreasonable to do so;
b) Your rights to make a complaint about our decision including referring it to the Australian Financial Complaints Authority or to the Privacy Commissioner; and
c) Any other matter prescribed by regulations introduced under the Privacy Act to be mentioned in the written notice.
15.7 Request to associate statement
If we refuse to correct your Personal Information, you may request us to associate a statement with the Personal Information that you consider is inaccurate, out‑of‑date, incomplete, irrelevant or misleading.
Within a reasonable period of time after receiving your request, we will take any step that is reasonable, practicable and lawful in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.
We will not charge any fee for a request to associate a statement as described above.
16. Contacting Us
16.1 Reasons for contacting us
Amongst other things, you may contact us if you:
d) Want to understand why we collected your Personal Information;
e) Wish to request access to your Personal Information;
f) Wish to request us to correct your Personal Information;
g) Wish to ask us to associate a statement with your Personal Information or following our refusal to correct such information;
h) Wish to make a complaint including a complaint:
(i) About how we have handled your Personal Information;
(ii) That a conduct of us amounts to the interference with your privacy (as defined in in the Privacy Act);
(iii) That we have breached a provision of the Privacy Act, the Credit Reporting Code or an Australian Privacy Principle;
(iv) About our refusal to give access to your Personal Information or our delay in responding to your request for access to such information; or
(v) About our refusal to correct your Personal Information or our delay in responding to your request to correct such information.
i) Wish to ask us to stop sending you direct marketing or promotional material;
j) Wish to ask us to stop sharing your Personal Information with our brand partners (see section 5.3 (b) (Secondary purposes)) above or for the purposes mentioned in that section; or
k) If you do not want to participate in a customer survey we have invited you to participate in.
16.2 Our Contact Details
You may write to or email us as follow:
The Privacy Officer
Volkswagen Financial Services Australia Pty Limited.
Locked Bag 4002, Chullora NSW 2190
16.3 Acknowledging requests and complaints
We will endeavour to acknowledge your request or complaint within 7 days after we have received it. Depending on the circumstances, we may acknowledge your request or complaint by phone, email, regular post or facsimile.
A complaint in relation to Credit Information will be acknowledged by email, regular post or facsimile.
16.4 Request & Complaint Process
We will take reasonable steps to investigate the subject matter of your request or complaint. Such steps may include liaising with our external representatives who are familiar with the subject matter of the request.
If the request or complaint concerns Credit Information, we may consult with other external organisations or agencies in particular a relevant CRB (as defined in section 17.2 (Credit reporting body)), other credit providers and “affected information recipients" (as defined in the Privacy Act). Whether such consultation is necessary will depend upon whether we provided your information to those external organisations or agencies or whether we obtained your information from them.
Also, in some cases we may seek advice from our own legal or other professional advisors in relation to your request or complaint.
We will give you reasonable opportunity to present your case.
Any information we discover during the investigation stage will be analysed and evaluated before a decision is reached on the merits of your request or complaint.
You will be advised about our decision within the timeframes specified in this Policy if applicable to your request or complaint or within the timeframe specified in the Privacy Act or Credit Reporting Code.
If our decision is in writing, it will contain the reasons for the decision and information on your right to refer our decision to the Australian Financial Complaints Authority (see section 16.5 (Referral to EDR)) or to the Privacy Commissioner (see section 16.6 (Referral to Privacy Commissioner)) if you are not satisfied with the decision.
16.5 Referral to EDR
If you are not satisfied with our response to your request or complaint, you may refer it to the Australian Financial Complaints Authority, the external dispute resolution (EDR) scheme of which we are a member.
The Australian Financial Complaints Authority contact details are:
Australian Financial Complaints Authority
GPO BOX 3
Melbourne VIC 3001
1800 931 678 (Free call)
16.6 Referral to Privacy Commissioner
You may also refer our decision to the Privacy Commissioner if you are not satisfied with it. The Privacy Commissioner’s contact details are:
GPO Box 5218
Sydney NSW 2001
1300 363 992
16.7 Employee requests & complaints
Employees may make requests directly to the Human Resources team for access to their Personal Information.
Employees may also request the Human Resources team to correct their Personal Information if they consider the information we hold on them is not accurate, up‑to‑date, complete, or relevant or if they consider the information is misleading.
Within a reasonable time after we have corrected an employee’s Personal Information, we will advise any person, organisation or agency we provided the pre-corrected information to that the information has been corrected.
Alternatively, employees may log into their personal accounts in the pay roll system to correct their own Personal Information if they wish to do so.
Employees also have the right to make a complaint if they consider we have not handled their Personal Information appropriately including in accordance with this Policy or in accordance with the Australian Privacy Principles or the Privacy Act.
Employees may make privacy complaints directly to the Operational Risk and Compliance Manager or through our external whistle blower service provider whose website address is www.whistleblowing.com.au. Because of the inherent nature of privacy complaints, employees are advised that it may not be practicable for the Operational Risk and Compliance Manager or external whistle blower service providers to guarantee employees anonymity during the investigation of privacy complaints.
17. Definitions Of Some Terms Used In This Policy
The following definitions are based on the definitions in the Privacy Act. If there is any inconsistency between any definition in this section and a corresponding definition in the Privacy Act, the latter definition will apply.
17.1 Consumer Credit Liability Information
In relation to consumer credit provided to an individual the following information about the consumer credit is consumer credit liability information about the individual:
a) The name of the credit provider;
b) Whether the credit provider is an Australian credit licensee;
c) The type of consumer credit;
d) The day on which the consumer credit is entered into;
e) The terms or conditions of the consumer credit:
(i) That relate to the repayment of the amount of credit; and
(ii) That are prescribed by the regulations.
f) The maximum amount of credit available under the consumer credit;
g) The day on which the consumer credit is terminated or otherwise ceases to be in force.
17.2 Credit Reporting Body (“CRB”) or Credit Reporting Bodies (CRB’s)
Means organisation/s or an agency or agencies prescribed under the Privacy Act that are in the business of collecting, holding, using or disclosing Personal Information or Credit Information about individuals for the purposes of providing others information about the Credit Worthiness of an individual.
17.3 Credit Worthiness Information
Means a statement or opinion about your:
a) Eligibility to be provided with consumer credit;
b) History in relation to consumer credit; or
c) Capacity to repay an amount of credit that relates to consumer credit.
17.4 Default Information
Means information about a payment (including a payment that is wholly or partly a payment of interest) that you are overdue in making in relation to consumer credit provided to you and:
a) You are at least 60 days overdue in making the payment;
b) The Credit Provider has given you written notice requesting payment of the overdue amount;
c) The Credit Provider’s right to be paid the amount is not prevented by a statute of limitations; and
d) The amount is $150 or more or an amount prescribed by regulation.
17.5 Identification Information
For the purposes of this Policy, Identification Information includes your:
a) Current and previous names and aliases;
b) Date of birth;
d) Current and previous residential addresses;
h) Voice recording;
i) Licence, permit or authorisation that contains any or a combination of the previously mentioned identification information;
j) Tax file number or some other “government related identifier” (as defined in the Privacy Act);
k) Current and previous employers’ names and business names.
17.6 Information Request
Means any information we have sought from a CRB (as defined in section 15.2) that relates to:
a) Your application for consumer credit made to us;
b) An application for commercial credit made to us; or
c) Assessing whether to accept you as a guarantor in relation credit provided or to be provided to another person.
17.7 New Arrangement Information
Means a statement that the terms or conditions of an original consumer credit we have provided to you has been varied or that we have provided you with a new consumer credit because of you had been overdue in making the payments under the original consumer credit.
17.8 Payment Information
Means a statement that on a specified date or day, you have paid in part or wholly an amount of an overdue payment we included in default information we had disclosed to a CRB (as defined in section 15.2).
17.9 Personal Insolvency Information
Means information about you entered or recorded in the National Personal Insolvency Index and relates to:
a) Your bankruptcy, a debt agreement proposal you have given or made;
b) Personal insolvency agreement you have executed;
c) A direction given, or an order made, under section 50 of the Bankruptcy Act that relates to your property; or
d) An authority signed under section 188 of that Act that relates to your property.
17.10 Repayment History Information
a) Whether or not an individual has met an obligation to make a monthly payment that is due and payable in relation to a consumer credit;
b) The day on which the monthly payment is due and payable;
c) If the individual makes the monthly payment after the day on which the payment is due and payable—the day on which the individual makes that payment.
17.11 Sensitive Information
a) Information or an opinion about your:
(i) Racial or ethnic origin;
(ii) Political opinions;
(iii) Membership of a political association;
(iv) Religious beliefs or affiliations;
(v) Philosophical beliefs;
(vi) Membership of a professional or trade association;
(vii) Membership of a trade union;
(viii) Sexual orientation; or
(iv) Criminal record.
b) Your health information; or
c) Your genetic information that is not otherwise health information;
d) Your biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
e) Your biometric templates.
17.2 Serious Credit Infringement
a) Any act on your part that involves fraudulently obtaining consumer credit, or attempting fraudulently to obtain credit from us;
b) An act on your part that involves fraudulently evading or attempting to fraudulently evade your obligations in relation to a consumer credit; or
c) Any act on your part:
(i) From which a reasonable person would consider indicates your intention to no longer comply with your obligations in relation to consumer credit we have provided to you; and
(ii) In relation to which the credit provider has, after all reasonable efforts, been unable to contact you about the act; and
(iii) At least 6 months have passed since we last had contacted you.