1. About this policy
1.3 We handle Personal information in our own right and also on behalf of our Clients and their customers (“Customers”).
1.5 We comply with the privacy laws which include the Privacy Act 1988 (Cth) (“Privacy Act”) and we follow the standards of the Australian Privacy Principles (“APPs”) under the Privacy Act.
2. Information we collect
2.1 To operate our business we have to collect personal information. We aim to collect personal information only if it is reasonably necessary to providing the service, product or information that an individual has requested from us.
2.2 The types of personal information we may collect includes:
- Personal Details. details such as an individual’s name, location, date of birth, physical location, language, family details and other personal information that allows us to identify the individual;
- Contact Information. information such as an individual’s email address, phone number, third-party usernames, residential, business and postal address and other information that allows us to contact the individual;
- Financial Information. financial information related to an individual such as any debts owed to our Clients, bank or credit card details used to transact with us, and other information that allows us to transact with the individual and/or provide them with our services;
- Statistical Information. information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes; and
- Information an individual sends us. personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities.
2.3 We may also collect other personal information about an individual if it is necessary to manage our relationship with them.
3. How information is collected
3.1 When providing our products and services (including the Credit Clear Product), we collect personal information in a variety of ways. Unless it is unreasonable or impracticable to do so, we collect personal information from individuals directly.
3.2 In some cases, we will collect information about individuals from a third party.
3.3 We mainly collect personal information from our Clients who use us to provide receivables management services in relation to their Customers. This may include personal information about Customers and personal information about other individuals.
3.4 We also collect personal information from individuals directly. The ways we do this include:
- Using Credit Clear. When an individual enters personal information into the Credit Clear Product for any reason.
- Registrations/Subscriptions. When an individual registers or subscribes for a service, list, account, connection or other process and they enter personal information details in order to receive or access something, including a transaction.
- Contact. When an individual contacts us in any way, including to make an enquiry about our services, or to engage with our business or its employees in the course of receiving services from us
- Access. In some cases an individual may be required to validate their identity in order to use the Credit Clear Product. When an individual accesses us through the internet we may also collect information using cookies (an individual can adjust their browser’s setting to accept or reject cookies) or analytical services.
- Pixel Tags. Pixel tags enable us to send email messages in a format Customers can read and they tell us whether mail has been opened.
3.5 We may also collect personal information from sources such as advertising and information in the public domain. This includes public records and information that an individual posts online, such as social media content.
3.6 Personal information may also be collected by us from mailing lists, contractors, staff, recruitment agencies, and our business partners.
3.7 We will seek to ensure that an individual is aware of when their personal information is being collected. At the time of collection, or as soon as practicable after we have collected it, we will take such steps as are reasonable in the circumstances to notify an individual of the collection and of matters relevant to the collection, unless it is obvious from the circumstances that the individual would know or would expect us to have the information.
4. Why we collect, hold and use personal information
4.1 We collect, hold, use and disclose personal information primarily to:
- provide products or services to our Clients;
- enable individuals to manage their affairs with our Clients; and
- contact individuals for business purposes and manage our relationship with individuals or our Clients.
4.2 Personal information is also collected, held, used and disclosed to enable us to operate our business. This may include the following purposes:
- enabling the individual to manage their affairs with our Client;
- the provision of goods and services between an individual and us;
- verifying an individual’s identity;
- communicating with an individual about their relationship with us or our services;
- marketing and promotions;
- competitions, surveys and questionnaires;
- dealing with complaints about or made by an individual, or if we suspect that an individual is in breach of any of our terms and conditions or that an individual has engaged in any unlawful activity;
- as required or permitted by any law (including the Privacy Act); and
- developing and improve our products, client service and relationships.
5. Disclosure of personal information
5.1 We may disclose an individual’s personal information to:
- external providers of services that we use to provide business or administrative services to our business or manage our business systems; for example, file storage service providers, database and mailing service providers, marketing service providers, providers of payment processing, payment gateways and identity verification services and IT technicians who may need access when providing on-site support (although it is our practice for them to work under supervision) and other professional service providers as required from time to time); or
- our professional advisors and agents.
5.2 Where personal information is provided to us by a third party, (such as our Client) that third party will always have access this information as the master record holder.
5.3 We may disclose an individual’s personal information to these third parties so that they can assist us with providing the best possible service to our Customers. Those people or companies will be permitted to access only the personal information they need to deliver the service to us, our Customers, or our Clients, or where required by law or our reporting requirements. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of personal information.
5.4 If we sell or otherwise transfer part or the whole of our company or our business (or part of our business) to another organisation (including in the course of a transaction like a sale, merger or acquisition or as part of a dissolution, liquidation, administration, receivership or other form of insolvency), personal information that is collected by us may be disclosed to a third party, prospective buyer, transferee or insolvency practitioner.
5.5 We may utilise third party service providers to communicate with an individual and to store contact details about an individual, which may result in personal information being in transit or disclosed outside of Australia.
5.6 Generally speaking, the personal information that we collect and hold about an individual will be stored as follows:
Country in which the individual is located
Australia and New Zealand
Country in which personal information is stored
5.8 When an individual provides us with their personal information, they give us their consent to disclose their personal information outside of Australia for the purposes described above and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Act.
5.9 We will not otherwise disclose information about individuals unless the disclosure:
- is required or authorised by law; or
- that individual has consented to our disclosing the information about them.
6. Security of personal information
6.1 We will take all reasonable steps to protect an individual’s personal information from unauthorised access, modification or disclosure and from misuse, interference and loss. This includes appropriately securing our physical facilities and electronic networks.
6.2 We use encryption to transfer personal information. Despite this, the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual who provides information to us via the internet or by post does so at their own risk.
6.3 We are not responsible for the privacy or security practices of any third party (including third parties to whom we disclose personal information, including our Clients). The collection, use and disclosure of an individual’s personal information by such third parties is subject to their own privacy and security policies.
6.4 If an individual suspects any misuse or loss of, or unauthorised access to, their personal information, they should let us know immediately.
6.5 We will retain the personal information that we collect as required by law, and then take reasonable steps to destroy or permanently de-identify that personal information if it is no longer needed.
7. How to access and/or update information
7.1 An individual has the right to request access to, or correction of, the personal information that we hold about them. This right is subject to the APPs and some exceptions under the law. We will respond to a written request within a reasonable period of receiving a written request (subject to appropriate verification of the individual’s identity).
7.2 We aim to ensure that the personal information we collect and hold is accurate, complete and up to date. It is an individual’s responsibility to provide us with accurate and truthful personal information, and properly update the information with us. We cannot be liable for any information that is provided to us that is incorrect.
7.3 If an individual believes that the personal information we hold is inaccurate or incomplete, they need to contact us and we will use all reasonable efforts to correct the information. If we do not believe the information to be incorrect, we will take reasonable steps to add a statement to the personal information claiming that the individual believes the information is inaccurate, incomplete or out of date.
7.4 We will give each individual access to their personal information unless there is a lawful reason for refusing the request for access or correction. If we refuse a request we will give the individual a written notice explaining our reasons for that refusal and how they may complain about that refusal.
7.5 We may charge an individual a reasonable fee for our costs incurred in meeting any of their requests to disclose the personal information that we hold about them.
8. Complaints and disputes
8.1 If an individual has a complaint about our handling of their personal information, they should address their complaint in writing to the details below. Complaints should set out the details of the complaint and contact details of the individual making the complaint.
8.2 Our Privacy Officer will review complaints, acknowledge requests and ask for any other applicable information. Our Privacy Officer will then investigate the issue and advise the individual in writing of the outcome.
8.3 If we have a dispute regarding an individual’s personal information, we both must first attempt to resolve the issue directly between us. If the issue is not resolved, the individual can also make a complaint to the Office of the Australian Information Commissioner. Further information is available at www.oaic.gov.au.
9. Contacting us
9.1 All correspondence about privacy should be addressed to:
Attn: Privacy Officer
Credit Clear Limited
Level 4, 6 Riverside Quay
Southbank VIC 3006
10. Amendments to this policy