HOW WE TREAT YOUR PERSONAL INFORMATION

Who are we?

‘We’, ‘us’, ‘our’ refer to Rostron Finance Pty Ltd ACN 608 166 927, Australian Credit Licence 498 140, and our related businesses.

Our commitment to protect your privacy

We understand how important it is to protect your personal information. This document sets out our privacy policy commitment in respect of personal information we hold about you and what we do with that information. It also includes our policy on the handling of credit reports and other credit information.

During your relationship with us, we may tell you more about how we handle your personal information in application forms or terms and conditions, for example. You should read these documents carefully.

Any personal information we collect about you will only be used for the purposes we have collected it or as allowed by law. It is important to us that you are confident that any personal information we hold about you will be treated in a way that ensures protection of your personal information.

Our commitment in respect of personal information is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 and any other relevant laws.

Personal information

When we refer to personal information, we mean information from which your identity is reasonably apparent. This information may include information or an opinion about you.

The kinds of personal information we may collect about you include your name, date of birth, address, email address, phone number, account details, occupation, transaction history and any other information we made need to identify you.

If you are applying for finance, we may also collect the ages and number of your dependants and cohabitants, the length of time at your current address, your employment details and proof of earnings and expenses, and your Tax File Number or tax residency status.

When you visit our website, we collect your location information, IP address, mobile device and network information and any third party sites you access. For more information on how we do this, see the heading ‘Cookies’ below.

If you apply for employment with us, we will collect information about your work history and ask your referees about you and, with your consent, undertake other due diligence such as Police Checks, Credit and Bankruptcy Searches.

Credit information

If you ask us to arrange credit or choose to be a guarantor, we may collect the following kinds of credit information and exchange this information with credit reporting bodies and other entities:

  • your identity information;
  • credit liability information being information about your existing finance which includes the name of the credit provider, the type of finance, the day the finance is entered into, the terms and conditions of the finance, the maximum amount of finance available, and the day on which the finance was terminated;
  • repayment history information which is information about whether you met your repayments on time;
  • information about the type of finance that you are applying for;
  • default and payment information;

We exchange this credit information for the purposes of assessing your application for finance and managing that finance.

Using government identifiers

When we collect government identifiers, such as your Tax File Number (TFN), we do not use or disclose this information other than as required by law. We will never use a government identifier to identify you.

Sensitive Information

We will only collect sensitive information about you with your consent except where otherwise allowed by law. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health or biometrics (for example, your fingerprints).

Why we collect your personal and credit information

Our business is to understand and meet our customer’s finance needs over their lifetime. By law, we cannot provide advice without fully knowing and understanding your personal and financial circumstances. To do this effectively, we need to collect your personal information. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. From time to time we may offer you other products and services.

How do we collect your personal information?

In most cases, your personal information will be collected when you meet with our representative, provide your information via telephone or electronic and written material. In some instances, your information may also need to be collected from third parties such as your accountant or solicitor.

Do we disclose your personal information?

We are committed to being open about how we use personal information. Your personal information will be collected and held by Authorised & Credit Representatives, Staff and related body corporates. We may disclose your personal information as follows:

  • to other areas within the Group who provide financial and other services;
  • Financial institutions, funders or other intermediaries for the provision of financial products such as mortgages, deposit bonds, investments, superannuation and life insurance
  • to any of our associates, service providers, aggregators, licensees, technology providers, related entities or contractors, specialist advisers who have been contracted to provide us with administrative, financial, insurance, accounting, legal, information technology, research or other services;
  • to associated businesses that may want to market products to you;
  • to companies that provide information and infrastructure systems to us;
  • any person or entity who represents you including financial consultants, accountants, lawyers, mortgage brokers, persons holding power of attorney, guardians and advisers;
  • to anyone, where you have provided us consent;
  • to other insurers, credit providers, courts, tribunals and regulatory authorities as agreed or authorised by law;
  • other guarantors or borrowers (if more than one) or borrowers or prospective borrowers of any credit you guarantee or propose to guarantee;
  • your referees, such as your employer, to verify information you have provided;
  • to credit reporting or reference or identity verification agencies or insurance investigators or your employer;
  • where we are authorised to do so by law, such as under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth), to government and law enforcement agencies or regulators;
  • to investors, agents or advisers, or any entity that has an interest in our business; or
  • to organisations in connection with the sale or proposed sale of all or part of Rostron and to the use of that personal information by those organisations for those purposes

Prior to disclosing any of your personal information to another person or organisation, we will take all reasonable steps to satisfy ourselves that:

  1. the person or organisation has a commitment to protecting your personal information at least equal to our commitment, or
  2. you have consented to us making the disclosure.

How safe and secure is your personal information that we hold?

We will take reasonable steps to protect your personal information by storing it in a secure environment. We may store your personal information in paper and electronic form. We will also take reasonable steps to protect any personal information from misuse, loss and unauthorised access, modification, or disclosure

This credit information will be held by us in electronic form using cloud storage and may also be held in paper form.

You have the right to request access to the credit information that we hold about you and make a request for us to correct that credit information if needed. Please see the heading ‘Access and correction to your personal and credit information’ below.

Management and storing of personal information

We train our employees, representatives and their staff who handle personal information to respect the confidentiality of customer information and the privacy of individuals. We regard breaches of your privacy seriously and will impose appropriate penalties, including dismissal. We have appointed a Privacy Officer to ensure that our management of personal information is in accordance with this statement and the Privacy Act.

We hold personal information in a combination of secure computer storage facilities and paper-based files and take steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.

We may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will remove any details that will identify you or we will securely destroy the records.

Updating your personal information

It is important to us that the personal information we hold about you, such as current home address, email address and phone number, is accurate and up to date. During our relationship with you we may ask you to inform us if any of your personal information has changed.

If you wish to make any changes to your personal information, you may contact us. We will generally rely on you to ensure the information we hold about you is accurate and complete.

Access and correction to your personal and credit information

We will provide you with access to the personal and credit information we hold about you. You may request access to any of the personal information we hold about you at any time.

We may charge a fee for our costs of retrieving and supplying the information to you. We will provide an estimate of this cost so you can decide whether you would like to proceed.

We aim to respond within 30 days of receiving your request. We may need to contact other entities to properly investigate your request.

There may be situations where we are not required to provide you with access to your personal information, for example, if the information is commercially sensitive or relates to existing or anticipated legal proceedings, or if your request is vexatious.

An explanation will be provided to you if we deny you access to the personal information we hold about you.

If any of the personal information we hold about you (including credit information) is incorrect, inaccurate or out of date you may request that we correct the information. If appropriate we will correct the personal information. We will not charge you a fee to correct your personal information. We aim to provide you with details about whether we have corrected the personal information within 30 days of receiving your request.

We may need to consult with other entities as part of our investigation.

If we refuse to correct personal information, we will provide you with our reasons for not correcting it.

 

Business without identifying you

In most circumstances it will be necessary for us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without providing us with personal information, for example, if you make general inquiries about interest rates or current promotional offers.

Credit Reporting Information

We may, on your authority, request a Credit Report from one of the Credit Reporting Agencies on your behalf. Credit Reports provide information on your previous Credit history and may prove useful in determining the lender more suited to your circumstances. A credit report gives us information about your credit history. Credit reports are provided by credit reporting bodies who collect and share credit information with credit providers and other service businesses like phone companies. The Privacy Act limits the information we can give to credit reporting bodies, and that they can give us.

The credit reporting bodies we use are Equifax Pty Ltd, Experian Australia Credit Services Pty Ltd and Illion Australia Pty Ltd. You can download a copy of their privacy policies at: equifax.com.au; experian.com.au; or illion.com.au.

We use information from credit reporting bodies to confirm your identity, assess your ability to manage credit, and manage our relationship with you. A copy of the Credit Report will be made available on your request.

Notifiable matters

The law requires us to advise you of ‘notifiable matters’ in relation to how we may use your credit information. You may request to have these notifiable matters (and this privacy policy) provided to you in an alternative form.

Sometimes your credit information will be used by credit reporting bodies for the purposes of ‘pre-screening’ credit offers on the request of other credit providers. You can contact the credit reporting body at any time to request that your credit information is not used in this way.

You may contact the credit reporting body to advise them that you believe that you may have been a victim of fraud. For a period of 21 days after the credit reporting body receives your notification the credit reporting body must not use or disclose that credit information. You can contact any of the following credit reporting bodies for more information:

The credit reporting bodies we use are Equifax Pty Ltd, Experian Australia Credit Services Pty Ltd and Illion Australia Pty Ltd. You can download a copy of their privacy policies at: equifax.com.au; experian.com.au; or illion.com.au.

Notifiable Data Breaches

From February 2018, the Privacy Act 1988 includes a new Notifiable Data Breaches (‘NDB’) scheme which requires us to notify you and the Office of the Australian Information Commissioner (‘OAIC’) of certain data breaches and recommend steps you can take to limit the impacts of a breach (for example, a password change).

The NDB scheme requires us to notify about a data breach that is likely to result in serious harm to affected individuals. There are exceptions where notification is not required. For example, where we have already taken appropriate remedial action that removes the risk of serious harm to any individuals.

If we believe there has been a data breach that impacts your personal information and creates a likely risk of serious harm, we will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps we are taking and what you can do to reduce the impacts to your privacy. If you believe that any personal information, we hold about you has been impacted by a data breach, please contact us.

Cookies

The information that we collect from you when you interact with us online depends on the tasks you complete on this website. When you visit and browse through the website, we collect general information that is not capable of identifying you for statistical and maintenance purposes that enables us to continually evaluate the performance of this website. This general information includes the number of users visiting this website and the number of pages viewed as well as the path taken through this website.

This information is used to generate aggregated, anonymous information about how you and other users use this website and its features. For instance, we collect information about which pages on this website you visit most often, if you open or read the communications we send, which advertisements you view or interact with on this website or other websites on which our advertisements appear, and if you receive any error messages. The information collected may be used to improve users’ online experience generally, to collate statistics, or customise your online experience by showing you content we think you will like. We do not collect information that identifies you personally.

Any information, which is not capable of identifying you, is collected through code embedded in the webpages of this website. You cannot disable the code on these pages.

Other information, such as browser type, is included in a ‘cookie’ that is sent to your computer when you are completing certain tasks on this website. A cookie contains bits of information that enables our servers (i.e. the computers that house this website) to identify and interact efficiently with your computer. Cookies are designed to provide a better, more customised website experience, and to make it easier for you to use this website.

You can configure your browser to either accept all cookies, reject all cookies or to notify you when a cookie is being sent to your computer. The ‘help function’ on your browser will provide you with details on how to change your browser configurations. You will need to accept cookies in order to use some functionality on this website. If you do not wish to receive any cookies you may set your browser to refuse them. However, your use of our website may be affected.

We do not allow third-party advertisers to place their cookies on your device through advertisements on this website.

Direct marketing

From time to time we may use your personal information to provide you with current information about finance, offers you may find of interest, changes to our organisation, or new products or services being offered by us or any company with whom we are associated.

If you do not wish to receive marketing information, you may at any time decline to receive such information by telephoning us on 1300 70 70 39 or by writing to us at 56 Sumners Road, SUMNER QUEENSLAND 4075. If the direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.

Complaints

If you are dissatisfied with how we have dealt with your personal information, or you have a complaint about our compliance with the Privacy Act, you may contact our Privacy Officer on 1300 70 70 39 or by writing to us at 56 Sumners Road, SUMNER, QUEENSLAND 4075 or by email to compliance@rostron.com.au

We will acknowledge your complaint within seven days. We will provide you with a decision on your complaint within 30 days.

If you are dissatisfied with the response of our complaints officer you may make a complaint to the Privacy Commissioner which can be contacted on either www.oaic.gov.au or 1300 363 992.

Further information

You may request further information about the way we manage your personal information by contacting us.

Changes to our Privacy Policy

We are constantly reviewing all our policies and attempt to keep up to date with market expectations. Technology is constantly changing, as is the law and market-place practices. As a consequence, we may change this privacy policy from time to time or as the need arises. You may also request this privacy policy in an alternative form.

This Policy was updated on the 10th of November 2021.