Privacy Policy

Website Term of Use

Welcome to our website. The use of our website is governed by the terms and conditions outlined below (“Terms of Use”), together with our privacy policy (“Privacy Policy”).

The expressions “we”, “us” and “our” are a reference to All Metal (Australia) Pty Ltd ACN 151 527 383 (“All Metal”), except where otherwise indicated. The term “you” and “your” refers to the user or viewer of our website.

Please read our Terms of Use, together with our Privacy Policy, carefully.

If you continue to browse and use this website, you are agreeing to comply with and be bound by these Terms of Use, which together with our Privacy Policy, govern All Metal’s relationship with you in relation to this website.

If you do not accept any part of these Terms of Use, you are not authorised to use this website.

General

The content of the pages of this website are for your general information and use only. The pages are subject to change without notice. Amendments will be effective immediately upon notification on this website. It is your responsibility to check these Terms of Use periodically for any changes. Your continued use of the website following such notification will represent an agreement by you to be bound by these Terms of Use (as amended).

Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness, or suitability of the information and materials found or offered on this website for any particular purpose. Whilst we have no reason to believe that any of the information and materials contained on this website are inaccurate, you acknowledge that such information and materials may contain inaccuracies or errors (including, without limitation, typographical errors, technical inaccuracies, and/or information that is not accurate, complete, or current) and, to the maximum extent permitted by law, we accept no liability for any such inaccuracies or errors, nor do we undertake to keep this website updated. We do not accept responsibility for loss suffered as a result of reliance by you upon the accuracy or currency of information contained on this website.

Your use of any information or materials on this website is entirely at your own risk. It is your responsibility to ensure that any products, services, or information detailed through this website meet your specific requirements.

This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice provided below, which forms part of these Terms of Use.

Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.

Mode of Access

In order to use this website, you will need internet access, devices, and systems which are compatible with this website. It is your responsibility to ensure that you meet the relevant requirements (which may change from time to time). We have no obligation to make this website available on any particular device or system, whether or not such device or system can currently, or has in the past been able to, access this website.

Privacy Policy          

Last Updated: 23/03/2022

Thank you for placing your trust in All Metal (Australia) Pty Ltd (“we,” “us,” “our”). This Privacy Policy describes how we collect, process, and use your information and explains the choices that you have regarding how we use your personal information.

We are committed to protecting your personal information. By submitting your personal information to us, or by using our services, you acknowledge and consent to us using your personal information in accordance with this Privacy Policy.

This Privacy Policy is intended to enhance the transparency of our operations, to notify you of your rights and our obligations, and to provide you with information regarding:

1. the kinds of personal information which we collect and hold;
2. how we collect, hold, use and disclose personal information;
3. the purposes for which we collect, hold, use and disclose personal information;
4. how you may access personal information that is held by us and seek correction of such information;
5. how you may complain about a breach of the Australian Privacy Principles (“APP”) or registered APP code (if any) that binds us and how we will deal with such complaints;
6. whether we are likely to disclose personal information to overseas recipients; and
7. if we are likely to disclose personal information to overseas recipients, the countries in which such recipients are likely to be located.

This Privacy Policy sets out how we comply with our obligations under the Privacy Act 1988 (Cth) (“Act”).  

Acknowledgement

We acknowledge that we must take reasonable steps when handling personal information.    

Whilst we cannot warrant that this Privacy Policy will be followed in every instance, we will endeavour to follow this Privacy Policy. Similarly, while we cannot warrant that loss, misuse or alteration of information will never occur, we will take all reasonable steps to prevent these things from occurring.

We have taken reasonable steps to endeavour to comply with the APP and the Act, some examples are noted below.

1. Implementation of this Privacy Policy.
2.
Staff training and education.
3. Use of checklists to ensure that all APP are complied with.
4. Clear and transparent procedures regarding the handling of complaints and disclosure of information.

If you require a hardcopy of this Privacy Policy, please contact our Privacy Officer on the details below and we will provide you with a copy.

The kinds of personal information which we will collect and hold

Collection

It is our usual practice to collect personal information directly from the subject individual or their authorised representative(s).  

Personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.   

Some examples of the personal information we might collect include (but are not limited to):

1. your name;
2.
your contact details (such as telephone numbers, addresses (residential and business), and email addresses etc.);
3. your age or date of birth;
4. your occupation and employer’s details;
5. personal identification documentation (including Government Related Identifiers);
6. details relating to your use of our goods and services;
7. payment details; and
8. banking details

Identification  

You may choose to interact with us using a pseudonym and/or not identify yourself.  

In circumstances where we are required to do so, or are authorised by law, a court or tribunal to ask for your identification, we will request your personal information.

Further, it is likely that it will be impractical for us to interact with you without some form of identification, and therefore we will request identification details from you at the beginning of each transaction.

For example, we will not be able to open a commercial credit trading account or process a commercial credit application for you without obtaining identification details.

If you do not consent to the collection of your personal information, in accordance with this Privacy Policy, we may not be able to assist you with the provision of certain services.

How we will collect and hold your personal information

We only collect and hold personal information by lawful and fair means.

There are a number of ways we may collect your personal information, including when you:

1. visit our website;
2.
submit information through our website (including when you apply with us for a position of employment or as a contractor);
3. deal with us face-to-face, in writing (by letter, facsimile, or email), or by telephone;
4. participate in any of our events or promotions, or subscribe to any of our publications; or
5. submit an application, quote, purchase order, or service request to us.

In some circumstances, we may collect and hold personal information that has been collected from a third party (such as an associated entity or service provider) or a publicly available source.

This will likely occur in instances where:

1. you have consented for this collection (which would usually be via our privacy statement and/or credit application form); or
2.
you would reasonably expect us to collect your personal information in this way and it is necessary for us to collect this information for a specific purpose (such as investigation of a complaint).

We will take steps to hold personal information in a manner which is secure and protected from unauthorised access.

Your personal information may be held in either a physical form or in electronic form on our IT system.

Where stored in electronic form on our IT system, we will take steps to protect the information against modification, disclosure, or misuse by including such things as physical restrictions, password protections, internal and external firewalls, and anti-virus software.

We will also endeavour to ensure that our service providers have protection for electronic IT systems and other necessary restrictions.

We will endeavour to ensure our staff are trained with respect to the security of the personal information we hold, and we will restrict any access where necessary.  

While we retain personal information for as long as necessary in relation to the purposes for which it is collected, we will endeavour to destroy and de-identify the personal information once it is no longer required, except as required for business record purposes.

In the event we hold personal information that is unsolicited, and we were not permitted to collect it, the personal information will be destroyed as soon as practicable.  

If we collect personal information about you from someone else, we will advise you as soon as practicable that this information has been collected and the circumstances which surround the collection.

Cookies and the collection of personal information via our website

When you visit our website, we may collect information about the session between your computer and our website through the use of cookies.

Cookies are text files which are stored on your computer or mobile device (by your web browser) that record specific information, such as which pages you visit, the information you have searched for, or the device you are using to access our website.

We use cookies for the purposes of managing and improving our website, improving our business processes, and gathering demographic information about the persons who visit our website, among other things.

Third parties may store cookies on our website, including, by way of example, the following entities.

1. Google Analytics (provided by Google Inc.) to enable us:
(a) to perform statistical analyses of e.g. number of visitors, information on gender, age, location, interests, and the like to learn about our visitors; and
(b) to improve the website friendliness and usability (e.g. on the basis of website traffic measurements).

2. Facebook (provided by Facebook, Inc.) to identify users logged in to Facebook for the purpose of sharing content on Facebook (only when you are logged in to Facebook when visiting our website and only when clicking the Facebook button).

3. LinkedIn (provided by LinkedIn Corp.) to enable the “follow” and “share” features of LinkedIn (only when you are logged in to LinkedIn when visiting our website and only when clicking the LinkedIn button).

You may elect to disable or turn off cookies in your web browser, however, this may impact upon the services we are able to offer you on our website and may impact upon your ability to access certain features of our website. Our server will also automatically record your Internet Protocol address (IP address).

An IP address is a numerical designation assigned to each device connected to a computer network by your internet service provider. While IP addresses can be used to identify the general physical location of a computer, they are otherwise anonymous, and we will not use your IP address to identify you.

Hiring and recruitment

If you apply for a position with us, we may also collect information about your experience, character, qualifications, and screening checks (including background, health, references, directorship, financial probity, identity, eligibility to work, vocational suitability, and criminal record checks).

Sensitive information (such as health information) will only be collected with your consent or where the collection is required or authorised by law.

We collect, use, and disclose your personal information to assess your application, conduct screening checks and consider and contact you about positions available. Your personal information may be exchanged with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, referees, and your current and previous employers.

We may not be able to further consider you for positions with us without your personal information.

The purposes for which we collect and hold personal information

We will endeavour to only collect and hold personal information which is relevant to the operation of our company.    

Our purpose for collecting or holding personal information about you is so that it may be used directly for our business activities.    

We may use your personal information for the business activities of our company, which include, among other things:

1. assessing credit applications;
2.
reviewing existing credit terms;
3.  assessing credit worthiness;
4. collecting overdue payments;
5. assessing credit guarantees (current and prospective);
6. internal management purposes;
7. administering accounts;
8. managing relationships with our customers;
9. dealing with complaints;
10. supplying you with goods and services;
11. facilitating product and service reviews;
12. business development and marketing purposes (including direct marketing);
13. sales and billing;
14. insurance purposes;
15. complying with legal requirements;
16. establishing, exercising or defending a legal or equitable claim; and
17. training and recruitment.

We may also collect personal information (including sensitive information) for both the primary purposes specified herein and purposes other than the primary purposes, including the purpose of direct marketing.  

We may also collect personal information from other credit providers, Credit Reporting Bodies (“CRBs”) and any other third parties for the purposes of our business activities including, but not limited to, credit, sales, marketing, and administration.

The purposes for which we use and disclose personal information

We will endeavour to only use and disclose personal information for the primary purposes noted above in relation to the business activities of our company.  

In addition, we may also use and disclose personal information (including sensitive information) for both the primary purposes specified herein and purposes other than the primary purposes, including the purpose of direct marketing.

Unless one or more of the below scenarios has occurred, we will take necessary steps to prevent personal information from being given to government agencies or other organisations.   

1. You have provided your consent.
2.
You would reasonably expect that your information would be so disclosed.
3. We have informed you that your personal information will be provided to a third party.
4. We are required by law to provide your personal information to a government agency or other organisation.
5. The disclosure of the information will prevent a serious threat to somebody’s life or health.
6. The disclosure of the information reasonably necessary for the enforcement of criminal law.


Further we will endeavour to only disclose personal information for the purpose in which it was collected, unless disclosure is reasonably necessary to:

1. assist in locating a missing person;
2.
lessen or prevent a serious threat to life, health or safety;
3. take appropriate action with suspected unlawful activity or serious misconduct;
4. facilitate or assist with diplomatic or consular functions or activities;
5. assist certain defence force activities outside Australia;
6. establish or exercise a defined legal or equitable claim; or
7. facilitate or assist confidential alternative dispute resolution activities.

Direct Marketing

We will take steps not to disclose personal information for direct marketing purposes unless you have provided your consent to do so.

In any event you will be provided with an opt out option with respect to direct marketing, should you wish to be excluded from direct marketing.

If you do not elect to ‘opt out’ to receiving direct marketing material from us, you consent to us using personal information (other than sensitive information) provided to us for direct marketing purposes.

We may however use sensitive information for direct marketing purposes if you provide your consent to do so.

You may at any point in time, request to no longer receive direct marketing material from us by opting out.

We will record this information on our opt out register.  

Direct Marketing and Third Parties

We may also from time to time, if we have received your consent, provide your personal information to a third party for the purposes of direct marketing.

You may at any time request the source of the personal information that has been disclosed.

Government Related Identifiers

We will endeavour not to use or disclose a government related identifier, unless:

1. the use or disclosure of the identifier is reasonably necessary for us to verify your identity for the purposes of our business activities; or
2. the use or disclosure of the identifier is reasonably necessary for us to fulfil our obligations to an agency or a State or Territory authority; or
3. the use or disclosure of the identifier is required or authorised by or under an Australian law or a court or tribunal order; or
4. a permitted general situation (as that term is defined in the Act) exists in relation to the use or disclosure of the identifier; or
5. we reasonably believe that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

Disclosure to CRBs

As indicated above, we may disclose personal information to a CRB in accordance with the permitted disclosures as defined under the Act.  

We may disclose your Credit Information to the following CRBs listed below.

Equifax Australia

Level 15, 100 Arthur Street

NORTH SYDNEY NSW 2060

Tel: 1300 921 621

Creditor Watch

Level 13, 109 Pitt Street

SYDNEY NSW 2000

Tel: 1300 501 312

NCI

Level 2, 165 Grenfell St

ADELAIDE SA 5000

Tel: 1800 882 820

Illion

Level 2, 143 Coronation Drive

MILTON QLD 4064

Tel: (07) 3360 0600

Experian

Level 6, 549 St Kilda Road

MELBOURNE VIC 3004

Tel: (03) 9699 0100

A copy of the credit reporting policy for the CRBs listed above will be available on their website or will be provided in hard copy upon request.

How you may access your personal information

You are entitled to access your personal information held in our possession.

We will endeavour to respond to your request for personal information within a reasonable time period or as soon as practicable in a manner as requested by you. We will normally respond within thirty (30) days.

You can make a request for access by sending an email or letter addressed to our Privacy Officer, the details of which are as follows.

           The Privacy Officer

 All Metal (Australia) Pty Ltd

Address: PO Box 6164, Wetherill Park BC NSW 1851

Telephone:   1300 721 704

Email:   credit@allmetalaust.com.au

With any request that is made we will need to authenticate your identity to ensure the correct person is requesting the information.  

We will not charge you for making the request, however, if reasonable we may charge you with the costs associated with your request.  

You will only be granted access to your personal information where we are permitted or required by law to grant access. We are unable to provide you with access that is unlawful.

Further we are not required to, and will not, give access to personal information to the extent that:

1. we reasonably believe that giving access would pose a serious threat to the life, health, or safety of any individual, or to public health or public safety; or
2.
giving access would have an unreasonable impact on the privacy of other individuals; or
3. the request for access is frivolous or vexatious; or
4. the information relates to existing or anticipated legal proceedings and the information would not be accessible in normal discovery procedures; or
5. giving access would reveal the intentions of us in relation to negotiations and this disclosure would prejudice those negotiations; or
6. denying access is required or authorised by or under an Australian law or a court or tribunal order; or
7. we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our business activities has been, or may be engaged in; or
8. giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
9. giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
10. giving access would reveal evaluative information generated within us in connection with a commercially sensitive decision-making process.

If we refuse access to the information, written notice will be provided to you setting out:

1. the reasons for the refusal (except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so);
2.
the mechanisms available to complain about the refusal; and
3. any other matter prescribed by the regulations.

Correction

Should we hold personal information, and it is inaccurate, out of date, incomplete, irrelevant, or misleading, or incorrect you have the right to make us aware of this fact and request that it be corrected.

If you would like to make a request to correct your information, please contact our Privacy Officer.  

In assessing your request, we need to be satisfied that the information is inaccurate, out of date, incomplete, irrelevant, or misleading. We will then take all reasonable steps to ensure that it is accurate, up-to-date, complete, and not misleading.   

It is our normal policy to resolve any correction requests within thirty (30) days. If we require further time, we will notify you in writing and seek your consent.

Should we refuse to correct your personal information written notice will be provided to you setting out:

1. the reasons for the refusal (except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so); and
2.
the mechanisms available to complain about the refusal; and
3. any other matter prescribed by the regulations.

We will endeavour to notify any relevant third parties of the correct personal information where necessary and required.  

Notifiable Data Breaches

A Notifiable Data Breach is an event where access to your personal data has been gained and there is a risk of serious harm or it is suspected that there is a serious risk to you.

In the event of a Notifiable Data Breach, we will notify you. Examples of Notifiable Data Beaches include:

1. loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information;
2. unauthorised access to personal information by an employee; and
3. inadvertent disclosure of personal information due to ‘human error’ (e.g. an email sent to the wrong person).

Complaints

In the event that you wish to make a complaint about a failure of us to comply with our obligations in relation to the Act or the APP please raise this with our Privacy Officer.

We will provide you with a receipt of acknowledgment as soon as practicable.

We will then endeavour to respond to your complaint and attempt to resolve the issues within thirty (30) days.

In dealing with your complaint, we may need to consult another credit provider or third party.

If you are not satisfied with the process of making a complaint to our Privacy Officer, you may make a complaint to the Information Commissioner, the details of which are below.

Office of the Australian Information Commissioner

  GPO Box 5218 Sydney NSW 2001
  Email: enquiries@oaic.gov.au
  Telephone: 1300 363 992
  Facsimile: (02) 9284 9666

The Information Commissioner can decline to investigate a complaint on a number of grounds including, among other things, where the complaint wasn’t made at first to us.

For more information about privacy in general, you can visit the Australian Information Commissioner’s website: https://www.oaic.gov.au/.

Disclosure to overseas recipients

We may choose to, if permitted by law, share and/or disclose your personal information with recipients outside of Australia.

We are required to notify you with a list of any countries which personal information may be transmitted to or disclosed where it is practical for us to do so.  

We currently do not share or disclose personal information overseas.

If you have any queries regarding this Privacy Policy or wish to find out more regarding any of our other policies, please contact our Privacy Officer on the details listed above.

Security

We take all reasonable steps to keep secure any information which we hold about you. Personal information may be stored both electronically on our computer system, and in hard-copy form. Firewalls, passwords, anti-virus software, and email filters act to protect our electronic information.

Changes to this Privacy Policy

We will update this Privacy Policy from time to time. We therefore recommend that you read it each time you visit our website. If you do not agree with the Privacy Policy at any time, please do not continue to use our website. If you do continue to use our website, you are deemed to have accepted the terms of the Privacy Policy as they appear at the time of use.

 

ALL METAL – STATEMENT OF NOTIFIABLE MATTERS

All Metal (Australia) Pty Ltd ACN 151 527 282 and its related bodies corporate are referred to as “we”, “our”, or “us” in this statement.

Important information relating to credit reporting

Under Part IIIA of the Privacy Act and Credit Reporting Privacy Code, there are several ‘notifiable matters’ that we must disclose to you at or before the time of collecting personal information that is likely to be disclosed by us to a Credit Reporting Body (CRB). This statement contains important information about credit reporting, including information about the CRBs we may disclose your credit-related information to, and should be read in conjunction with our Credit Reporting Policy.

Notifiable matters

You should be aware of the following matters:

1. You can obtain a copy of our Credit Reporting Policy directly from our website or by contacting our Privacy Officer using the following details:

By telephone: 1300 721 704

In writing: The Privacy Officer, All Metal (Australia) Pty Ltd
PO Box 6164, Wetherill Park BC, NSW 1851

By email: credit@allmetalaust.com.au

2. You have a right to access the credit-related information we hold about you, request that we correct the credit-related information we hold about you and/or make a complaint about a failure by us to comply the credit reporting provisions of the Privacy Act or the Credit Reporting Privacy Code. Information about how you how you can make an access or correction request, or make a complaint to us, is set out in our Credit Reporting Policy (including information about how we will deal with a complaint).

3. If you commit a serious credit infringement, we may be entitled to disclose that infringement to a CRB.

4. We are not likely to disclose your credit-related information to entities that do not have an Australian link.

5. A CRB may include the credit-related information we disclose to it in reports which are provided to other credit providers to assist those other credit providers to assess your credit worthiness.

6. You have a right to request that a CRB not use their credit-related information for the purposes of pre-screening of direct marketing by a credit provider, and that a CRB not use or disclose your credit-related information if you believe, on reasonable grounds, that you have been or are likely to be a victim of fraud.

7. The CRBs we deal with are Veda and Dun & Bradstreet. You can obtain a copy of Veda’s credit reporting policy from its website at www.illion.com.au or by contacting it directly on telephone number 1300 762 207. You can obtain a copy of Dun & Bradstreet’s credit reporting policy from its website at www.illion.com.au or by contacting it directly on telephone number 1300 734 806.

ALL METAL – CREDIT REPORTING POLICY

This Credit Reporting Policy sets out how All Metal (Australia) Pty Ltd ACN 151 527 282 and its related bodies corporate (referred to as “we”, “our”, or “us” in this policy) manages the personal information we obtain from credit reporting bodies (CRBs) and other types of credit-related personal information. We are committed to protecting your privacy and ensuring that we comply with the Privacy Act and Credit Reporting Privacy Code (CR Code).

This Credit Reporting Policy does not apply to the commercial credit we provide to companies. However it will apply to an individual who applies to us for commercial credit, and to other individuals we deal with in connection to the provision of commercial credit (such as directors and individual guarantors). If you are unsure whether this Credit Reporting Policy applies to you, please contact our Privacy Officer using the contact details set out below.

This Credit Reporting Policy should be read in conjunction with our Privacy Policy.

We conduct regular reviews of our policies and procedures, and we may change our Credit Reporting Policy from time to time. The most current version of our Credit Reporting Policy will be available on our website. A copy of our Credit Reporting Policy is also available free of charge by contacting our Privacy Officer using the contact details set out below. We will take reasonable steps to provide a copy of our Credit Reporting Policy in the form requested.

What types of credit-related information do we collect and hold?

The types of information we collect and hold may include:

• Identification details, such as your name, address(es), telephone number(s), date of birth, driver’s licence number, and current or last known employer

• Details of consumer and commercial credit you have applied for (including the type and amount of credit), where we have requested that information in connection with an application for credit and/or a guarantee

• Information about payment(s) of $150 or more which become more than 60 days overdue

• Information about new credit arrangements you may have made with a credit provider (such as variation of existing credit terms and conditions or the provision of new credit)

• Information about your current or terminated credit accounts (including the name of the credit provider, the date on which the credit was entered into and/or terminated, and the limit of the credit account)

• Advice that payments that were previously notified as unpaid are no longer overdue

• That we have made an information request about you to a CRB to assess a credit application and/or a guarantee
• That another credit provider, or a trade insurer, or a mortgage insurer, has made an information request about you to a CRB

• Information provided to us by a CRB, including information about you which assists us to assess your suitability for commercial credit or as a guarantor of commercial credit

• The type and amount of commercial credit we provide to you or that you have sought from us in a commercial credit application

• That you have offered to act as guarantor in relation to a commercial credit application made to us, or that you are acting as guarantor in relation to commercial credit provided by us

• That commercial credit we provided (to you, or an entity associated with you, or in your capacity as guarantor) has been paid or otherwise discharged

• Whether, in our opinion or the opinion of another credit provider, you have committed a serious credit infringement

• Publicly available information that relates to your activities in Australia and your credit-worthiness

• Information about you on the National Personal Insolvency Index

• Information about court judgment(s) which relate to credit you have obtained or applied for

The Privacy Act has detailed definitions describing the types of information set out above. However in this Credit Reporting Policy we collectively refer to these types of information as “credit-related information”. We will only collect credit-related information about you by lawful and fair means, and in accordance with the Privacy Act and CR Code.

How do we collect your credit-related information?

We may obtain credit-related information about you from:
• Veda and Dun & Bradstreet (the CRBs we deal with)

• Information about your commercial credit-worthiness from businesses that provide that type of information (such as the Building Industry Credit Bureau and Building Trade Credit)

• Information you provide to us, including the information contained in a completed application for commercial credit and/or guarantee (such as your name, date of birth, residential and/or business address, contact details, trade references, banking details, assets, income, and financial position)

• Other credit providers (where you consent to us collecting that information or we are permitted to do so under the Privacy Act)

• Information we collect in the course of our dealings with you in connection with credit, such as when you make payments to us Where we outsource our functions to third party services providers, those providers may also credit-related information from you on our behalf.

Why do we collect, hold, use and disclose your credit-related information?

We may collect, hold, use, and disclose credit-related information about you that is reasonably necessary for our business purposes and as permitted by law. Those purposes may include:

• Verifying your identity

• Assessing an application made to us for commercial credit (by you or an entity associated with you)

• Assessing whether we will continue to provide commercial credit (to you or an entity associated with you)

• Assessing your suitability as a guarantor where you have offered to provide us with a guarantee in relation to an application for commercial credit, or in relation to commercial credit already provided by us

• Deriving scores, ratings, summaries, and evaluations relating to your credit-worthiness which are used in our decision-making processes

• Assisting you to avoid defaulting on your credit-related obligations to us

• Managing the credit we provide and our relationship with you

• Undertaking debt recovery and enforcement activities (including in relation to guarantors)

• Disclosing your credit-related information to a guarantor, or someone you have indicated is a prospective guarantor, in relation to an application for commercial credit or in relation to commercial credit already provided by us
• Disclosing your credit-related information to our related bodies corporate that are also considering whether to provide credit (to you or an entity associated with you and/or in your capacity as guarantor)

• Disclosing your credit-related information for our internal management purposes

• Disclosing your credit-related information to other third parties that provide services to us (including debt collectors, lawyers, and advisers)

• Dealing with any complaints, or access or correction requests you make to us

• Responding to a consultation request made to us by a CRB or another credit provider

• Conducting fraud assessments and dealing with serious credit infringements

• Exchanging information (including default information) with other credit providers, as permitted by the Privacy Act and CR Code

• Participating in the credit reporting system and exchanging information with CRBs as permitted by Part IIIA of the Privacy Act and CR Code.

• Satisfying legal and regulatory requirements

• Where you otherwise expressly consent to our collection, use and/or disclosure of your credit-related information
Some credit-related information may only be used or disclosed under the Privacy Act for some of these purposes, or in some of those circumstances. We are not likely to disclose your credit-related information to recipients located outside of Australia.

We may refuse an application for commercial credit and/or reject a guarantee based wholly or partly on your credit-related information.

Disclosing credit-related information to CRBs

We may disclose your credit-related information to a CRB for the purposes set out above and where the Privacy Act permits us to do so. The types of information we may disclose to a CRB include:

• That you have applied for credit with us (including the amount of credit) and/or that we are a current provider of credit to you

• That you have guaranteed credit to us (including the amount of credit guaranteed)

• That you have failed to meet your payment obligations to us (including the amount of an outstanding debt)

• Advice that payments that were previously notified as unpaid are no longer overdue

• That credit we provided to you has been paid or otherwise discharged

• That a guarantee you provided to us has been satisfied or otherwise discharged

• In some circumstances, that in our opinion you have committed a serious credit infringement

CRBs may include that information in reports provided to credit providers like us to assist them in assessing your creditworthiness.
Under the Privacy Act, CRBs are permitted to use credit reporting information to assist credit providers who wish to direct market to you by ensuring you meet certain criteria. This is known as “pre-screening”. You have a right to contact a CRB and request (at no cost to you) that a CRB does not use your information for this purpose.

You also have a right to request that a CRB not use or disclose your credit-related information if you reasonably believe that you have been, or are likely to be, a victim or fraud (including identity fraud).

You can contact the CRBs we exchange information with using the details below:
Veda
Veda – Customer Resolutions
PO Box 964
North Sydney NSW 2059
1300 762 207
corrections@veda.com.au

You may obtain a copy of Veda policy about their management of credit-related information by contacting them or visiting their website.

Dun & Bradstreet
Attention: Public Access Centre
PO Box 7405
St Kilda VIC 3004
1300 734 806
pac.austral@dnb.com.au

You may obtain a copy of Dun & Bradstreet’s policy about their management of credit-related information by contacting them or visiting their website.

Exchange of credit-related information with trade insurers

In connection to an application for commercial credit, trade insurers may also obtain credit-related information about you from us or a CRB for the purpose of assessing whether to provide insurance to us in relation to the commercial credit we provide you (including assessment of the risk of insuring us, the risk of default by you and/or you in your capacity as a guarantor).

Use of third party service providers

We will disclose your credit-related information when we outsource certain of our functions to third party service providers. The functions we may outsource include:

• Managing the supply of our products and services
• Establishing credit accounts and managing credit provided to our customers
• Assessing credit applications and/or guarantees
• Responding to enquiries about applications, accounts, and our products and services
• Conducting checks for credit worthiness and/or fraud
• Debt collection

Where we disclose your credit-related information to our third party service providers, we required those providers to comply with the Privacy Act and CR Code. Our third party service providers will not collect, use, or disclose your personal information for any purpose other than our own, as set out in this Privacy Policy.

How do we store and protect your credit-related information?

We store credit-related information in both paper-based records and in electronic form (such as on computer servers) on our systems or the systems of our service providers. We take all reasonable precautions to safeguard your information from misuse, interference and loss, and unauthorised access, modification or disclosure, including:

• Restricting access to credit-related information stored in our electronic and paper-based records

• Using technology products to prevent unauthorised access to our electronic databases (such as industry standard firewalls) and ensure the security of electronic transmissions

• Training, policies and procedures in relation to the use of our computers and management of credit-related personal information (including informing and training our employees who handle credit-related information of the requirements of the Privacy Act, CR Code, and Privacy Regulations)

• Requiring all of our third party service providers to handle personal information in accordance with the Privacy Act, CR Code and Privacy Regulations

When we no longer need your credit-related information, and we are not required by law to retain the information, we will take reasonable steps to destroy that information or to ensure it is de-identified.

The internet is not a secure method of transmitting information. Other than where we use Secure Socket Layer (SSL) technology (such as for the transmission of credit card information), to the maximum extent permitted by law we cannot and do not accept responsibility for the security of information you send to or receive from us over the internet, or the unauthorised access or use of that information.


Get A Quote