Credit Information (Privacy) Management Policy
Credit Connect Finance Pty Ltd (ACN: 113 576 891) (CCF), Australian Credit Licence No. 396190
This policy has been developed to appropriately acknowledge the importance of, and assist in providing a framework for, the appropriate level of protection for consumer identification and credit information protection. The policy represents CCG’s commitment to compliance with the privacy laws and privacy code obligations.
Concerning the Collection, Holding, Use and Disclosure of Credit Related Personal Information
We provide this policy in accordance with the Privacy Amendment (Enhancing Privacy Protection) Act 2012, hereafter referred to as the Privacy Act, detailing the lawful approach we take in the collection of information in our role as credit providers and in regard to the management and use of all information collected from our potential customers and actual customers, and all subsequent dealings with customer/consumer representatives, credit reporting bodies, and other entities listed in this policy.
In the course of our business, we provide consumer credit, as defined in Section 6(1) of the Privacy Act. This credit being provided wholly or primarily for personal, family, or household purposes. From time to time we may also offer business loans.
In the course of our business we seek to establish your credit worthiness. That means:
- your eligibility to be provided with credit;
- your history in relation to credit; and
- your capacity to repay an amount of credit.
The kinds of Credit Information We Collect and Hold
In accordance with the industry’s mandatory Credit Reporting Privacy Code, Obligation 5.1, we collect and hold credit reporting information, credit identification information, credit capacity information and personal information collected and held under Section 18 of the Privacy Act prior to 12 March 2014 and, thereafter, under PART 111A of the Privacy Act.
Where personal information concerning an overdue payment is held and, where information concerning this overdue payment is presented to a credit reporting body, the amount overdue will be a minimum of $150.
In accordance with Section 6 of the Privacy Act, we may collect and hold the following personal information that may be considered confidential:
- identification information;
- credit liability information;
- repayment history information;
- a statement that an information request has been made to a credit reporting body, by a credit provider, in relation to your application for credit;
- the type of personal or commercial credit, and the amount of credit sought in an application that you have made to a credit provider, in connection with which that credit provider has made an information request concerning you;
- overdue and default information concerning your current and/or previous personal and/or business loans;
- payment information about you, including information concerning late payments;
- information about new arrangements you may have made involving an existing credit contract;
- court proceedings (civil) information about you;
- personal insolvency information about you, as included on the National Personal Insolvency Index, which relates to bankruptcy, debt agreements, personal insolvency agreements and Sections 50 and/or 188 Bankruptcy Act directions and/or authorities;
- insolvency information associated with your company or companies seeking loans;
- publicly available information concerning your activities in Australia and your credit worthiness, including information recorded on the National Personal Insolvency Index;
- any opinion that we might reach that you have committed a serious credit infringement in relation to consumer credit we have provided to you, with the circumstances specified on the file;
- any opinion that we might reach that you have committed a serious credit infringement in relation to business or commercial credit we have provided to you, with the circumstances specified on the file; and
- unsolicited information that we may deem relevant to keep on file.
Explanation of some of the key elements listed above is as follows.
Identification Information About You
To assist in protecting you against identity theft and to assist in reducing the opportunity for fraud, we may ask you for some or all of the following identification information:
- your full name;
- any alias or previous name/s;
- date of birth;
- current address;
- 2 previous addresses (if any);
- name of current employer; or
- name of last known employer; and
- driver’s licence number.
To assist with business or commercial loan applications, we may ask you for:
- a copy of the company’s Constitution and associated documentation;
- a copy of documents identifying the company directors;
- financial statements; and
- other documents.
Consumer and Business Credit Liability Information
We collect and hold consumer and/or business credit liability information, including:
- the name of the credit provider;
- whether or not the credit provider holds an Australian Credit Licence;
- the type of consumer credit;
- the day on which the consumer credit was entered into;
- the terms or conditions of the consumer credit which relate to the repayment of that credit and anything that may be prescribed by regulation;
- the maximum amount available under the consumer credit; and
- the day on which the consumer credit is terminated, or otherwise ceases to be in force.
Repayment History Information
If and when we provide consumer credit to you, the following information about you as a consumer may be collected and held:
- whether or not you have met monthly repayment obligations;
- the date on which the monthly payment is due and payable; and
- if you make payments after the due and payable day, the day on which you actually made the payment.
Overdue and Default Information
We collect and hold information about any payment that is overdue and, under Section 88 of the National Credit Code, Regulation 86 of the National Consumer Credit Protection Regulations 2010 and Section 6Q of the Privacy Act, that:
- you are overdue in making the payment;
- you have received a written notice from us advising you of the overdue amount and requesting payment of the amount;
- the Statute of Limitations does not prevent us from recovering the amount; and
- where the amount overdue is $150 or more, it is sufficient to list on your file with a credit reporting body. Any amount will be listed on the file we maintain concerning your identification and credit information.
We may collect and hold information that is given or made against you in civil court proceedings that relate to any credit that has been provided to you, or for which you have applied.
How We Collect Credit Information
We collect credit information from 6 possible sources:
- from you;
- from the documentation we request and you provide;
- from credit reporting bodies;
- from people or organisations you permit us to contact, to verify your credit relevant details;
- from other credit providers;
- from External Dispute Resolution schemes; and
- from information about you publicly available, including court and tribunal reports and decisions.
Please note, depending on circumstances, we may choose not to seek information from all these sources to assess your credit application.
How We Hold Credit Information Securely
In all circumstances, we take reasonable steps to protect your information from misuse, loss, interference, unauthorised access, modification or unauthorised disclosure. We choose not to provide further detail, for security reasons. Further protection detail can be provided to you verbally, on request.
The Kinds of Credit Eligibility Information that We Hold
This is credit reporting information and CP derived information about you that may be disclosed to us by a credit reporting body, under Division 2 of Part 111A of the Privacy Act.
How We Hold Credit Eligibility Information
Hard copies are held in a locked environment, with other security protection after business hours and electronic copies are held in a secure environment, with the application of appropriate passwords and other computer and software security techniques.
The Credit Reporting Body
We provide information to and request information from Equifax, a credit reporting body. If you have a need to contact that body, the contact details are:
You may contact the body if:
- you believe that the information they have on their file about you needs amendment or correction; and/or
- you want the body to hold off disclosing any information from the their file about you because, on reasonable grounds, you believe that you have been, or are likely to be, a victim of fraud; and/or
- you do not want the body to use their credit reporting information for the purposes of pre-screening for direct marketing by a credit provider.
Transfer of Information Between us and Equifax, the Credit Reporting Body
This information transfer is permitted under Division 2 of Part 111A of the Privacy Act 2012. The information involved is the credit-related personal information that a credit reporting body may provide about you, to assist us to assess your credit worthiness. This information is relevant for use in establishing your eligibility for consumer credit.
Please note that the company may contract with Equifax to have part or all of this information provided, from time to time, in accordance with company policy. This information has been provided to Equifax by credit providers with whom you have had contact, and includes:
- information about you after you turned 18, except identification information;
- credit applied for and/or supplied in Australia;
- your repayment history; and
- any default information.
If we provide a loan to you and you fail to meet your repayment obligations, or commit a serious credit infringement, we may be entitled to disclose this to the credit reporting body and it will be included on the file they hold about you.
Transfer of Information Between us and ASIC or an External Dispute Resolution Scheme
In accordance with our Australian Credit Licence conditions and a number of provisions in the Australian Securities and Investments, National Consumer Credit Protection and the Anti-Money Laundering and Counter Terrorism Finance (AUSTRAC) Acts, we may be required to give ASIC, AUSTRAC or the EDR scheme copies of all or some part of your information.
The Purposes for Which we Collect, Hold, Use and Disclose Credit Information and Credit Eligibility Information
The consumer credit-related purposes for which we collect, hold, use and disclose information are:
- to assess your application to us for consumer credit; and
- to collect payments that are overdue in relation to consumer credit we may have provided you; and
- to collect payments that are overdue in relation to consumer credit provided by another credit provider, under a credit contract that has been assigned to us by that other credit provider [in accordance with Sub-sections 6K(2) and (3)].
In accordance with section 21M, we will disclose relevant and permitted information to debt collectors.
Use of Credit Eligibility Information
In accordance with Section 21G, we use credit eligibility information for the following purposes:
- credit related purposes involving you; or
- permitted reporting of information to a credit reporting body; or
- in connection with what we reasonably believe is a serious credit infringement that you may have committed; or
- for a use prescribed by a court, or tribunal, or regulations.
We will disclose this information to:
- credit bodies;
- a company related to us;
- a person responsible for processing your credit application; or
- a person who manages our credit contracts; or
- another credit provider, if we reasonably believe that you have committed a serious credit infringement; or
- the external dispute resolution scheme we subscribe to; or
- as authorised under Australian law, regulation, court or tribunal.
In accordance with Section 21N of the Privacy Act, we may disclose information to an approved entity seeking participation in an assignment of your debt, or purchase of our business. Should the transaction proceed, you will be informed in writing, in accordance with Obligation 13 in the Credit Reporting Privacy Code and all our rights will be transferred to the acquirer, in accordance with Section 6K of the Privacy Act.
How You May Access Credit Eligibility Information that We Hold About You
First contact the CCG Privacy Compliance Manager on telephone: 1300 795 507, or email firstname.lastname@example.org or PO Box 3574, Robina TC, QLD 4230.
In accordance with Section 21T and Code Obligation 19, at your request, we will:
- give you access to any credit information we hold about you;
- respond to your request within a reasonable period and provide the access within 30 days of your request;
- provide the information in a clear manner and provide reasonable explanations and summaries of the information, to assist you to understand the impact of the information; and
- deny access, only if such would be unlawful, required under Australian law, or by a court or tribunal, or would prejudice an official enforcement body investigation.
Following your successful request, access will be provided by the Privacy Compliance Manager, who will facilitate the provision of a print out of your information stored in the company’s Specialist Lending System. Any denial of access will be in writing, with the reason/s explained and details of the company’s internal disputes resolution process, relevant external resolution scheme and the Office of the Australian Information Commission, to which you may lodge a complaint if not satisfied with the company’s explanation.
How You May Seek the Correction of Credit Information and Credit Eligibility Information that We Hold
Once you have inspected the personal credit information we hold on file about you, you may inform our Privacy Compliance Manager if you have discovered any information that is inaccurate, out-of-date, incomplete, irrelevant or misleading.
The Privacy Compliance Manager will be pleased to amend the file within 30 days but, in most cases, will require appropriate evidence from you to support your request. Please note that, in the exercise of this correction duty, the Privacy Compliance Manager is lawfully entitled to consult with a credit reporting body and/or another credit provider. You, and any entity consulted in the process, will be informed in writing of any correction.
How You May Complain About our Failure to Comply with this Division, or the Relevant Registered CR Code
There are 3 ways you may complain:
- Verbally, or in writing, to our Privacy Manager.
- If you are not satisfied with the Privacy Manager’s response, you can complain verbally or in writing to our Internal Dispute Resolution Manager.
- If you are not satisfied with the Internal Dispute Manager’s response you can lodge a complaint either with the Privacy Commissioner, at the Office of the Australian Information Commission, contact details –
Office of the Australian Information Commission
GPO Box 5218
Sydney NSW 2001
Phone: 02 9284 9753
Enquiries: 1300 363 992
With the external dispute resolution scheme of which we are a member, contact details:
Financial Ombudsman Services
PO Box 3
Melbourne Vic 3001
Phone: 1300 565 562
Fax: (03) 9613 6399
There is no charge for lodging a complaint.
How We Will Deal with Such a Complaint
We will write to you acknowledging receipt of the complaint. After appropriate investigation, the Privacy Manager will write to you as soon as practicable after a decision has been reached, outlining the decision and the reasons for reaching it.
We do not disclose credit information, or credit eligibility information, to entities that do not have an Australian link.