Privacy matters to us and we know it matters to you. We provide a range of products and services and to do this we need to collect, store, use and disclose a broad range of information. We’re committed to protecting your privacy, keeping your information safe and ensuring the security of your data.
Our Privacy Statement explains how we collect, use and protect your information and extends to both our control and processing of personal information. It also incorporates our Credit Reporting Policy which lets you know how we use any credit related information we might collect. This current policy came into effect at 1 November 2019. We may need to update it over time but, if we do, we’ll post the updated version on our website.
The types of information we collect depends on how you use our products and services as well as the relationship we have with you as a customer. This can include straightforward information like your name, date of birth, contact details (including address, email address, phone number or mobile telephone number), occupation, driver’s licence or passport number, username or password, details about your business (such as trading name, ABN, ACN and phone number) and financial information (such as credit card or bank account numbers).
We may also collect more in-depth information including:
Sensitive information includes information about a person’s race, ethnic origin, political opinions, health, religious or philosophical beliefs and criminal history. We may collect some forms of sensitive information; for example we may collect limited health information to provide priority assistance services. We are subject to strict requirements in relation to sensitive information including to only collect and use sensitive information with consent or otherwise in accordance with applicable law such as the Commonwealth Privacy Act 1988.
You might also need to provide personal information about other individuals to us (e.g. about your authorised representative). If so, we rely on you to have informed those individuals that you are giving their personal information to us and to have advised them about this statement.
There are three ways we can collect your information:
We understand that you might not want to give us particular personal information. If so, that may mean we are not able to provide you with the products or services you need or want.
We may store your information in hard copy or electronic format, and keep it in storage facilities that we own and operate ourselves, or that are owned and operated by our service providers. We use a combination of technical solutions, security controls and internal processes to help us protect your information and our network from unauthorised access and disclosure. We endeavour to ensure that personal information is kept as current as possible and that irrelevant or excessive data is deleted or made anonymous as soon as reasonably practicable. However, some personal information may be retained for varying time periods in order to comply with legal and regulatory obligations and for other legitimate business reasons.
We will only use your information if we have a lawful reason to do so such as when it’s our legal duty or we have your consent and when it’s in our legitimate interest to do so. These include: **Administration - **To help us properly manage the products and services we provide to you and to maintain and update our records. For example, we need to be able to verify your identity to detect, prevent and address fraud. We also use your information for charging and billing and to identify breaches of our terms and conditions of service.
Network, security and fraud protection - As part of our network protection activities, we monitor Domain Name Servers (DNS) for known malicious domains which can, amongst other things, lead to the downloading of malicious software on to devices. Where our DNS services are used to connect to these known malicious domains, we may identify impacted customers for the purposes of notifying them so they can take action to protect themselves.
Communication - We need to be able to communicate with you in order to provide you with our products and services. We might do this on mediums such as email, SMS, social media, search engines and web pages you may visit.
Improvement – We are constantly working to not only maintain and improve our products, services and processes but to develop new ones. We use information we hold to help us do this in a number of ways. For example to monitor network use, quality and performance, and to operate, maintain, develop, test and upgrade our systems and infrastructure. We may also combine information from one service with information from one of our partners’ services to improve our credit assessment and debt recovery processes.
Development and analysis - It’s important we understand your information and communication needs. One of the ways we do this is through using analysis and business intelligence techniques. This gives us high level insights into things like usage patterns, network performance, demographic trends and other types of behavioural data. In many cases this information is aggregated and de-identified when analysed. We may share these anonymised insights with select business and commercial partners. In some cases, we may create insights with your information on an identified basis but would only do so in compliance with privacy laws (such as, with your consent).
Direct marketing - We want to make sure that you know about all our products, services and special offers that are relevant and are of interest to you. We may use the information we hold to market and promote them directly to you. This also may include products, services and offers provided by our trusted partners. In some cases this marketing activity can continue after you have stopped using our products or services, unless you opt-out. You can stop us using your information for direct marketing by updating your preferences by emailing us at email@example.com.
Compliance - There are a number of circumstances where we are required or authorised by law to collect, use or disclose information. These include:
We may share your information with other parties who provide services to us, including organisations, agents, partners and contractors that assist us with providing our business processes and products and services. These services include:
We may also disclose your information to:
In some cases, the organisations that we may disclose your information to may be based outside the location where the information is collected (in other words, countries outside Australia).Where we do this, we require these parties to take appropriate measures to protect that information and to restrict how they can use that information.
Sometimes, such as when we are checking your credit worthiness or assessing your credit situation, we might collect credit information from or give information to credit reporting bodies. Credit information can include:
Credit information relates primarily to your dealings with other credit providers (for example, banks, other financial institutions, or other organisations that may provide you with credit in connection with their products or services). It may also include certain credit worthiness information that we derive from the data that we receive from a credit reporting body. Sometimes we may collect this information about you from other credit providers. We may disclose your credit information to credit reporting bodies. They in turn may include it in credit reporting information they provide to other credit providers to assist them to assess your credit worthiness. We may use or disclose your credit information for purposes such as:
You have the right to request credit reporting bodies not to:
To ensure that we are able to provide you with the best products and services possible, it’s important that you make sure the personal information we hold about you is accurate, up-to-date and complete. If any of your details change, you can either update them yourself in your online portal or you may contact us using the contact details below so that we can consider and respond to your request. You also have the right to request a copy of your information that we hold about you. There is no charge to submit a request or to correct information, however we may apply an administrative charge for providing access to your personal information on request. To make this request email us at firstname.lastname@example.org.
You can also use our contact details to notify us of any privacy complaint you have against us. You can view and download our Complaints Handling Policy here.
If you have any questions in relation to this Privacy Statement, our management of your information or you would like a copy of this statement sent to you, please call us on 1300 122 166 or email our data protection officer at email@example.com