SocietyOne Privacy and Credit Reporting Policy
When you trust SocietyOne with your personal and financial information, we know you expect us to protect it and keep it safe. We are committed to protecting the privacy of the personal information of individuals with whom we deal.
We are bound by the Privacy Act 1988 (Cth) ('Privacy Act') and will protect your personal information in accordance with the Privacy Act, the Privacy (Credit Reporting) Code 2014 ('Code') and the Australian Privacy Principles ('APPs'). The Code and the APPs govern how we can collect, use, hold and disclose your personal information, as well as ensuring the quality and security of your personal information.
This Policy applies in respect of SocietyOne and includes our policy on the handling of credit reports and other credit-related personal information.
Please note that during the course of our relationship with you, we may tell you more about how we handle your information. This could be when you complete an application or receive terms and conditions or a Product Disclosure Statement. When you receive this further information, please consider it carefully. Please also visit our website regularly as we update this policy from time to time.
What is personal information?
Personal information includes any information or opinion, about an identified individual or an individual who can be reasonably identified from their information. The information or opinion will still be personal information whether it is true or not and regardless of whether we have kept a record of it.
The information that we seek to collect about you will depend on the products or services that we provide. If you do not allow us to collect all of the information we request, we may not be able to deliver all of those services effectively.
What kinds of personal information do we collect and hold?
When you apply for our products or services we may ask for identification information. This could include your name, address, contact details and date of birth. If you apply for a loan with us we may also collect credit-related personal information and credit reports and other credit information about you. We may also collect your tax file number if we are authorised to collect it and if you choose to supply it.
Throughout the life of your product or service, we may collect and hold additional personal information (including credit-related personal information) about you. This could include transaction information or making a record of queries or complaints you make and, if you make an insurance claim, collecting additional information to assess the claim.
The collection of sensitive information is restricted by the Privacy Act. This includes information about your religion, racial or ethnic origin, political opinions, criminal record, and sexual orientation. It also includes health information and biometric information.
Generally, we only collect this sort of information if it is necessary to provide you with a specific product or service and you have consented to that collection.
How do we collect personal information?
We collect most personal information directly from you. For example, we will collect your personal information when you apply for or use a product or service or talk to us in person or on the phone. Your personal information may include credit-related information. For example, you may instruct GetCreditScore to provide us with your credit grade.
We also collect information from you electronically. When you use our website, tablet or mobile applications we may collect information about your location or activity including the date of and time of visits, which pages are viewed, how you as the user navigate through the website and interact with the webpages (including fields completed in form and applications), IP address, telephone number, information about the device used to visit our website and whether you've accessed third party sites. Some of this website information we collect using Cookies.
We collect information about you from others, such as our related bodies corporate, service providers, agents, advisers, brokers, employers or family members. We will generally only do this with your consent. For example, if you apply for credit, we may need to obtain a credit related information about you including identification information about you, information about your existing lines of credit, repayment history information, statements that an information request has been made in relation to you by a credit provider, mortgage insurer, the type and amount of credit sought in a credit application by you to a credit provider, default information, payment information, court proceedings information, personal insolvency information or information derived by a credit reporting body such as a credit report. We may also collect information about you that is publicly available, for example from public registers or social media, or made available by third parties.
If we need to obtain sensitive information about you, we will ask for your consent, except where otherwise permitted by law.
So that we can better tailor information and products to your needs, when we send you email messages, we may use technology to identify you so that we can know when you have opened the email or clicked on a particular link in the email.
If you log into the SocietyOne website we may collect information from you to confirm your identity. When you ring us, we may also monitor and/or record telephone calls for the purposes of staff training and to verify statements made during the phone call.
What laws require or authorise us to collect personal information?
We are required or authorised to collect:
(i) certain identification information about you by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and Anti-Money Laundering and Counter-Terrorism Financing Rules;
(ii) your Tax File Number, if you choose to provide it, by the Income Tax Assessment Act 1936 (Cth);
(iii) if you have applied for credit or provide a guarantee, certain information about your financial position under the National Consumer Credit Protection Act 2009 (Cth), and if you give us a mortgage security, certain identification information under property laws in some states and territories.
How do we hold personal information?
Much of the information we hold about you will be stored electronically in secure data centres which are located in Australia and owned by either SocietyOne or external service providers. Some information we hold about you will be stored in paper files. We use a range of physical and electronic security measures to protect the security of the personal information we hold. For example:
(i) access to information systems is controlled through identity and access management
(ii) employees are bound by internal information security policies and are required to keep information secure
(iii) all employees are required to complete training about information security; and
(iv) we regularly monitor and review our compliance with internal policies and industry best practice.
We take reasonable steps to destroy or permanently de-identify any personal information where we no longer use the information for any purpose for which the information may be used or disclosed in accordance with the Privacy Act.
How do we use personal information?
We collect, use and exchange your information so that we can:
+ establish your identity and assess applications for products and services
+ price and design our products and services
+ administer our products and services
+ manage our relationship with you
+ manage our risks and help identify and investigate illegal activity, such as fraud
+ contact you, for example if we suspect fraud on our account or need to tell you something important
+ conduct and improve our businesses and improve the customer experience
+ comply with our legal obligations and assist government and law enforcement agencies or regulators
+ identify and tell you about other products or services that we think may be of interest to you.
We may also collect, use and exchange your information in other ways where permitted by law.
Who do we exchange your information with?
We may share your personal information with other companies within the SocietyOne Group.
We may also provide personal information about our customers to organisations outside the SocietyOne Group. To protect personal information, we enter into contracts with our service providers that require them to comply with the Privacy Act. These contracts oblige them to only use the personal information we disclose to them for the specific role we ask them to perform.
Generally, we disclose personal information to organisations that help us with our business. These may include:
- our agents, contractors and external service providers
- authorised representatives and credit representatives who sell products and services on our behalf;
- payment systems operators
- other organisations, who jointly with us, provide products or services to you;
- other financial services organisations, including banks, superannuation funds, stockbrokers, custodians, funds managers and portfolio service providers;
- debt collectors;
- our financial advisers, legal advisers or auditors;
- your representatives (including your legal adviser, accountant, mortgage broker, financial adviser, executor, administrator, guardian, investigate or prevent fraud or other misconduct;
- fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct;
- external dispute resolution schemes;
- credit reporting bodies; and
- regulatory bodies, government agencies and law enforcement bodies in any jurisdiction.
We may also disclose your personal information to others outside of SocietyOne where:
+ we are required or authorised by law or where we have a public duty to do so;
+ you may have expressly consented to the disclosure of the consent may be reasonably inferred from the circumstances; or
+ we are otherwise permitted to disclose the information under the Privacy Act.
Do we disclose personal information overseas?
We may disclose your personal information to a recipient which is located outside Australia.
- SocietyOne companies located in Singapore and New Zealand
- SocietyOne service providers which are likely to be located in the United States, United Kingdom; and
- for international transactions, we may need to disclose your information to the corresponding international party in order to process the transaction. The countries we disclose your information to will depend on the details of the transaction your ask us to carry out.
Do we use information for marketing?
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by SocietyOne or one of its preferred suppliers. We may offer you products and services by various means, including by mail, telephone, email, SMS or other electronic means , such as through social media or targeted advertising.
So that we can better tailor our information and products to your needs, we use technology known as a "cookie" to collect statistical information about you when using internet browsing, mobile or tablet applications. A cookie is a packet of information placed on your computer's hard drive or in memory by a website for record keeping purposes. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience.
One of the reasons for using cookies is to offer you increased security. The cookies we send to your computer cannot read your hard drive, obtain any information from your browser or command your computer to perform any action.
Credit Checks and credit reporting
When you apply for credit or propose to be a guarantor, we need to know if you’re able to meet repayments under your agreement with us. We also want to avoid giving you further credit if this would put you in financial difficulty. One of our checks involves obtaining a credit report about you.
What is a Credit Report?
A credit report contains information about your credit history which helps credit providers assess your credit applications, verify your identity and manage accounts you hold with them. Credit reporting bodies collect and exchange this information with credit providers like SocietyOne and other service providers such as phone companies.
The Privacy Act limits the information that credit providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.
What information can we exchange with credit reporting bodies?
The information we can exchange includes your identification details, what type of loans you have, how much you’ve borrowed, whether or not you’ve met your loan payment obligations and if you have committed a serious credit infringement (such as fraud). We also ask the credit reporting body to provide us with an overall assessment score of your creditworthiness The credit reporting bodies we use are:
- Veda Advantage Information Services and Solutions Ltd - www.veda.com.au
- Experian Australia Credit Services Pty Ltd - www.experian.com.au/credit-services
- Dun & Bradstreet (Australia) Pty Ltd - www.checkyourcredit.com.au
What do we do with credit-related information?
We use information from credit reporting bodies to confirm your identity, assess applications for credit, manage our relationship with you and collect overdue payments. We may also use this information as part of arriving at our own internal assessment of your creditworthiness.
We store credit-related information with your other information. You can access credit-related information we hold about you, request us to correct the information and make a complaint to us about your credit-related information.
Credit reporting bodies with whom we exchange information may include the information in reports they provide to credit providers to assist those credit providers assess your credit worthiness. You can obtain a copy of the credit reporting body's policy about the management of credit-related information by contacting the relevant reporting body or obtaining a copy of their policy from their website.
Credit providers may ask credit reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you’re likely to become, a victim of fraud (including identity fraud), you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.
Accessing, updating and correcting your information
Can I get access to my information?
You can request access to the personal information (including credit-related information) we hold about you. You can also ask for corrections to be made. To do so, please contact us.
Is there a fee?
If you make a request asking us for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.
There is no fee for requesting that your personal information be corrected or for us to make corrections.
You will not be charged any fees to access your credit-related information if you have not made a request for accessing the information within the preceding 12 months. If you have made an access request within the preceding 12 months, a reasonable cost may be charged.
Can we deny or limit your request for access?
We are not required to provide you access if we are unable to identify you and in certain circumstances we’re allowed to deny your request, or limit the access we provide. For example we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll write to you explaining our decision.
What if SocietyOne disagrees that the information should be corrected?
If we disagree with you that information should be corrected, we’ll let you know in writing of our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.
Contact us about our privacy and information handling practices
If you are concerned about how your personal information is being handled or if you have a complaint about a breach by us of the Privacy Act, the code of the APPs, please contact us.
Telephone: 1300 144 221
Our Privacy Officer can also be contacted in relation to privacy concerns by writing to:
PO Box 5175, Sydney NSW 2001.
We will acknowledge your complaint as soon as we can after receipt of your complaint. We will let you know if we need any further information from you to resolve your complaint.
We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five business days but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
If you are unhappy with our response, there are other bodies you can go to.
The Financial Ombudsman Service (FOS) can consider most privacy complaints involving providers of financial services.
FOS can be contacted at:
Financial Ombudsman Service
GPO Box 3
Melbourne VIC 3001
Phone: 1300 78 08 08
Under the Privacy Act you may complain to the Office of the Australian Information Commissioner about the way we handle your personal information.
The Commissioner can be contacted at:
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Changes to the Privacy and Credit Reporting Policy
We may change the way we handle personal information from time to time for any reason. If we do so, we will update this Policy. An up-to-date version is available on www.societyone.com.au We, Us or Our means:
SocietyOne Holdings Pty Ltd
SocietyOne Australia Pty Ltd
SocietyOne Livestock Lending Pty Ltd
ClearMatch Pte Ltd