In the event that legislative or regulatory requirements conflict or require a higher standard than this Policy, the law or regulation shall prevail, and the policy owner must be advised.
About this Policy
The purpose of this Privacy & Credit Reporting Policy is to tell you how we manage your personal and credit information. This includes:
– The kinds of personal information that we collect and hold about you;
– How we collect your information;
– How we hold your information;
– The purposes for collecting, holding, using and disclosing your information;
– The circumstances we may disclose personal or credit information;
– How you may access your information held by us, and correct that information where it is incorrect;
– How you may make a complaint about the way we collect, hold, use or disclose personal or credit information, and how we will deal with privacy and credit related complaints;
– Our contact details.
If you do not allow us to collect all of the personal information we reasonably request, we may not be able to deliver our services to you or on your behalf or be unable to identify you to enable us to proceed with providing our services to you.
You may interact with us anonymously or by using a pseudonym if the interaction is general in nature. However, if the interaction is specific to an account or relates to your personal information, we will need to identify you before we can engage in further discussions and correspondence. This Policy will be kept up to date and published on www.completecredit.com.au.
Complete Credit Solutions and all related entities are committed to protecting your privacy, confidentiality, security and integrity of your personal information held by us. As part of that commitment, we aim to comply fully with the Australian Privacy Principles for the fair handling of personal information, as set out in:
– The Privacy Act 1988 (Cth) (”The Act”); and
– The Privacy Amendments (Enhancing Privacy Protection Act 2012) & (Notifiable Data Breaches Act 2017): and
– The Privacy (Credit Reporting) Code 2014 (Version 2.1) (“CR Code”), which governs credit reporting in Australia.
The Australian Privacy Principals can be located: Australian Privacy Principals
The Credit Reporting Code can be located: The Credit Reporting Code
‘Privacy’ refers to the ability of an individual (or group) to seclude themselves, or information about themselves.
‘Personal Information’ refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded.
‘Sensitive information’ is personal information that includes information to your racial or ethnic origin, criminal history, sexual orientation, health information, or membership of any trade or professional associations.
All CCS employees and contractors have the responsibility for ensuring that private and sensitive information is kept secure at all times.
CCS must monitor for any suspected breaches of customer data (PI) and respond in accordance with Notifiable Data Breach amendment of 2018.
How your personal information is collected:
We collect your personal information when we perform debt collection services for ourselves and our clients. Where reasonably possible, we shall collect personal information directly from you. If we are unable to collect personal information from you, other sources which Complete Credit Solutions collects your personal information include:
– Credit Reporting Bodies;
– The credit provider(s) who assigned your account(s) to us;
– Our clients who appointed us to collect debts on their behalf;
– Any third party who we believe may be able to assist us in contacting you (where you have not been readily contactable directly) including family members, friends, colleagues, or referees;
– Publicly available sources of information or databases subscribed to by Complete Credit Solutions such as people search databases, property, and tenancy databases; and
– Any third party authorised by you to be your representative.
What personal information we collect:
We will only collect your personal information where it is reasonably necessary in connection with the services we are providing you. The types of personal information we will collect include:
– Your full name and contact details, including your residential address;
– Your date of birth;
– Banking details;
– Employment information;
– Drivers licence number and identification information;
– Number of dependents, spouse details & alternative methods to contact you; and
– Credit-related information including financial information, assets & liabilities, payment & transaction history, default, court proceedings, and personal insolvency information.
Some elements of personal information are also referred to as sensitive information, these include:
– Membership of a political association;
– Membership of a professional or trade association or union membership; and
– Criminal history.
We will only collect sensitive information with your consent, or when permissible under the applicable privacy legislation and will only use this information for a legitimate purpose where this is reasonably necessary.
We may also monitor telephone conversations for training and quality purposes. Please inform the operator if you do not wish your call to be monitored. When a call is monitored it may be recorded. Any recorded calls are only retained for training, record, and quality purposes.
How we use your personal information:
Complete Credit Solutions uses your personal information for the following purposes:
– To comply with legal or regulatory requirements or as authorised by legal or regulatory requirements;
– For compliance, quality assurance and staff training purposes. For example, when we communicate with you through phone calls, we may record the telephone conversation for this purpose;
– To assess your credit worthiness;
– To allow us to appropriately manage your account, which includes identifying you and arranging for payment of the outstanding balance on your account;
– To conduct checks with credit reporting bodies such as Equifax, Illion and Experian.
We will generally not use or disclose your personal information for any other purpose without your consent, but may do so in certain circumstances where:
– It is sufficiently related to an activity described above and you would reasonably expect us to use or disclose your personal information for that purpose;
– Required in relation to an external dispute resolution process;
– We reasonably believe it is required for enforcement related activities of an enforcement body;
– It is connected with an entity subject to the ‘Act’ to locate a person who has been reported as missing;
– Required to establish, exercise, or defend a legal or equitable claim;
– We suspect you have engaged in unlawful activities or serious misconduct and the use or disclosure of your personal information is required for us to take appropriate action in relation to the matter.
How we hold and protect personal and credit information:
Much of the information we hold about you will be stored electronically in secure data centres that are located in Australia. We do not store or send any of your Personal Information outside of Australia.
We use a range of physical, electronic, and other security measures to protect the security, confidentiality, and integrity of the personal information we hold including:
– Access to our information systems is controlled through physical facility controls and identity & access management controls;
– Employees and our contracted service providers are bound by internal information security policies and are required to keep information secure;
– All employees are required to complete training about privacy and information security; and
– We regularly monitor and review our compliance with internal policies and industry best practice.
You acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet and you do so at your own risk. Our website links to external websites and we take no responsibility for the privacy practices or the content of these other sites.
In order to satisfy our legal obligations, we may need to retain your information after a transaction, or a relationship has ended. However, we will not retain your identifiable personal information longer than is reasonably necessary and permitted under relevant Australian laws.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Our intent is to notify within 24 hours or as soon as we become aware of any breach.
Disclosure of information:
Throughout our business we may disclose your personal information to our associated companies, outsourced service providers, or our clients who refer us work. We may also disclose your personal information to:
– A credit reporting body, in any manner that is permitted under the Act, and the CR Code;
– The credit provider who assigned your account(s) to us;
– Our accountants, auditors, lawyers;
– Your representatives (authorised party, guarantors, lawyer, financial adviser, executor, administrator or trustee);
– Any person to whom such disclosure is required by law or regulatory requirement or pursuant to a court order;
– Our service providers, agents or contractors appointed to provide services to Complete Credit Solutions or its related, associated or affiliated companies; and
– Parties where you have given your consent.
In respect of our dealings with credit reporting bodies it is important to note that:
– Personal information you provide may be included in reports to other credit providers to assist them to assess your credit worthiness;
– That if you fail to meet your payment obligations in relation to consumer credit, or you commit a serious credit infringement, we may be entitled to disclose that to credit reporting bodies;
– You may request that credit reporting bodies do not use their credit reporting information for the purposes of pre-screening direct marketing by another credit provider; and
– That a credit body does not use or disclose credit reporting information about you, if you believe on reasonable grounds that you have been or are likely to be, a victim of fraud.
Credit reporting bodies will generally only be provided with information regarding your identification, credit worthiness, the credit product held or being sought, your repayment history, any defaults, and any serious credit infringements committed by you (such as fraudulently trying to either obtain credit or evade your obligations in respect to that credit). In the event we disclose default information about you to a credit reporting body, we will advise that credit reporting body when you have fully discharged the default amount.
Accessing your personal information:
The summary of your principal rights under Australian Privacy Laws are:
– To request, at any time, for us to inform you of the personal information we hold about you;
– The right to access;
– The right to rectification;
– The right to erasure (where we have no legitimate right or business requirements to retain your personal information);
– The right to restrict or object to processing (where we have no legitimate right or business requirements to retain your personal information);
– The right to complain to a supervisory authority; and
– The right to withdraw your consent (where we have no legitimate right or business requirements to retain your personal information).
You can request to access your personal information by contacting us directly. You will be required to provide a copy of your driver’s licence or another form of government identification document to confirm your identity.
No fee is charged for lodging a request for access. In some cases, we may charge a reasonable fee to provide access to your personal information, but we will advise you before we provide access if there is a fee payable.
In certain circumstances set out in the Privacy Act 1988 you will not be able to access your personal information, for example when:
– The information is relevant to legal proceedings between us and could not be obtained by you through the discovery process for those proceedings;
– Disclosure would be unlawful;
– We reasonably suspect you have engaged in unlawful activity or serious misconduct relating to our activities, and giving access would prejudice our ability to take appropriate action in respect of your conduct;
– Granting access would prejudice one or more enforcement related activities conducted by an enforcement body;
– Providing the information to you may lead to harm to yourself or others; or
– If we consider the request to be frivolous or vexatious.
If we do not grant you access to all or some of your personal information, we will provide you with a written statement explaining why we denied your request for access.
Making a complaint:
If you want to make a complaint about our handling of personal or credit information, we ask that you contact us first. We will then follow our Internal Dispute Resolution (IDR) process.
- Speak with the relationship manager that is managing your matter; or
- Request to speak with a manager or our Internal Dispute Resolution team at any time; or
The contact details of the above-mentioned advocates are listed below:
Phone: 1300 930 070
Mail: Complete Credit Solutions
PO Box W167
Parramatta NSW 2150
If the complaint remains unresolved, you may refer it to the Australian Financial Complaints Authority (“AFCA”) in Australia. AFCA may independently and impartially resolve disputes between customers and participating members on matters including privacy matters. Their contact details are:
Australian Financial Complaints Authority (AFCA)
Alternatively, you may refer the matter to the Office of the Australian Information Commissioner (the “OAIC”). The contact details for the OAIC are:
Monitoring and review:
This Policy will be reviewed on an annual basis. This Policy may be updated more frequently in the event of any information, regulatory updates or incident that indicates changes may be required.
Last updated Mar 2022.