Privacy & Credit Reporting Policy
At Flexigroup it is important to us that we manage your personal information securely and consistently with relevant legislation, including the Privacy Act 1988 (Cth) (“Privacy Act”) as well as the Credit Reporting Privacy Code (where applicable).
This Policy outlines how Flexigroup and its related companies, including Flexirent Capital Pty Limited ACN 064 046 046; Lombard Finance Pty Limited ACN 099 651 877; Once Credit Pty Limited ACN 112 319 632, Flexi Online Pty Limited ACN 154 594 199, Rent Smart Pty Limited ACN 073 225 457 and Rent Smart Servicing Pty Limited ACN 145 684 751 (“we / us”) collect, disclose, use, store or otherwise handle personal information.
The kinds of personal information (including credit-related information) we collect, and the purposes for which we do that;
- how we manage the personal information that we collect about you;
- how you can seek access to and correction of that information;
- if necessary, how you can make a complaint relating to our handling of that information.
This policy is not limited to current customers or guarantors of customers (where applicable) – it relates to other individuals who deal with us, whether in relation to the provision of credit or otherwise.
1. Information we may collect
We will collect certain information about you depending on the circumstances in which the product or service is being provided. This information can include:
- key personal information such as your name, residential and business addresses, telephone numbers, email and other electronic addresses,
- financial and related information, such as your occupation, accounts, assets, expenses, income, dependents, and regarding your employment, financial and business dealings and other relevant events;
- your transaction history (with us and our associates or relevant third parties). This information includes products you may have used with us in the past, your payment history, and the capacity in which you have dealt or deal with us;
- other relevant information - depending on the circumstances this may also include health and medical information (eg if it is relevant to a hardship request), membership of professional bodies, tax file number information (other government identifiers (eg if relevant to identifying you).
2. Personal information that relates to credit
In the event that we need to collect information about you in relation to credit matters, this can include:
- information such as account numbers or customer identifier numbers;
- credit application history with us and other credit providers, such as the type of credit you applied for, the amount of credit you have applied for, the start and end date of relevant credit;
- repayment history information, such as and whether you owe any payments to us or another credit provider (regardless of the capacity in which that credit was provided) that are overdue by 60 days;
- credit ratings, scores and evaluations about you and your credit worthiness;
- Court proceedings information about you. This is information about a judgment of an Australian court that is made against you that relates to credit that was provided to, or applied for, by you, such as whether you have been declared bankrupt or have been subject to insolvency;
- whether we have accessed your credit information previously;
- default information about you. This is information about a payment owed by you as a borrower or guarantor in connection with consumer credit that remains overdue for more than 60 days and which we can disclose to a credit reporting body if certain requirements under the Privacy Act are met;
- payment information about you. Payment information is a statement that an overdue payment in relation to which default information was provided to a credit reporting body has been paid;
- new arrangement information about you. This is information about you having entered into certain types of arrangements with us in relation to consumer credit where you have been overdue in making a payment and we have provided default information to a credit reporting body. New arrangement information is either that the terms of conditions of that consumer credit have been varied as a result of you being overdue or that you have been provided with new credit relating to the original amount of credit;
- personal insolvency information about you. This is information recorded in the National Personal Insolvency Index and relating to your bankruptcy, a debt agreement proposal given by you, a debt agreement made by you, a personal insolvency agreement executed by you, a direction given, or an order made, under the Bankruptcy Act that relates to your property or an authority signed under the Bankruptcy Act that relates to your property;
- publicly available information about you:
- that relates to your activities in Australia or the external Territories and your credit worthiness; and
- that is not court proceedings information about you or information about you that is entered or recorded in the National Personal Insolvency Index;
- An opinion we have on reasonable grounds that you have committed a serious credit infringement in relation to consumer credit that we have provided to you. A serious credit infringement includes, in summary:
- that you were fraudulently obtaining (or attempting to obtain) consumer credit; or
- that you are fraudulently evading (or attempting to evade) your consumer credit obligations;
- that you are no longer intending to comply with your consumer credit obligations we have not been able to contact you for 6 months in accordance with the Privacy Act.
3. Applicability of policy to credit related information
We set out above some of the consumer credit information relating to individuals that we may collect.
The Privacy Act has certain specific rules about two types of consumer credit related information:
- credit information – this information relates primarily to your credit-related dealings with us and we can disclose this information to credit reporting bodies that report on consumer credit worthiness (“CRBs”).
- credit eligibility information (“CEI”) – this information is provided to us by CRBs, so it may also include information about your credit related dealings with other credit providers. CEI also includes any credit worthiness information that we derive from the data from a credit reporting body, for example credit ratings, scores and evaluations about you and your credit worthiness.
The entities covered by this Policy do not all collect or hold CEI or credit information. Where we do collect or hold these types of information, this Policy also applies to it.
4. How we collect the information
In many circumstances, we will collect the above information primarily from you (or from someone who is representing or assisting you). However, there are certain instances in which we will collect information about you from third parties where it is unreasonable or impracticable to collect it directly from you. For example, even where your application is for consumer credit, we may collect information about you from a business which provides information about commercial credit worthiness for the purpose of assessing your application.
Other third parties that we may collect your information from include:
- our agents;
- your co-applicant (if any);
- your employers, accountant, referees, banks, landlords, guarantors, lawyers, financial advisers or others with whom you have previously had dealings;
- other FlexiGroup entities who may have information about you;
- in relation to credit information – by contacting relevant CRBs and other credit providers who may have information about you relevant to us;
- in relation to identification information – by contacting relevant CRBs and other identification service providers;
- by accessing information about that is in the publicly available (eg internet sources or a search of white pages);
- card schemes;
- insurers (such as insurers who provide insurance in relation to your credit);
- your executor, administrator or attorney;
- service providers to us (including debt collection agencies, introducers, private investigators, professional advisers);
- professional organisations;
- public and subscriber only databases;
- any person considered necessary in our view to execute your instructions; and government authorities.
5. How we hold and protect your personal information
We will hold your personal information in paper or other physical form, but it is usually held in electronic form on our systems. Service providers may hold the information for us. Your personal information is protected by various physical, electronic and procedural safeguards. Where a service provider holds your information, we require those service providers to adhere to our approved standards of security and confidentiality to ensure the continuing protection of your personal information.
We train staff who handle your personal information to ensure that your personal information is handled appropriately. Our procedures ensure that your personal information is only made available to staff where necessary.
6. Purposes for which we may collect, hold, use and disclose your personal information
Personal information we collect about you will only be held, used and disclosed as is reasonably necessary for our business purposes and as permitted by law.
Purposes for which we will usually hold, use and disclose your personal information, depending on the circumstances and the nature and products and services you are obtaining from us, include:
- in order for us to decide whether to provide a product applied for or service requested (this might include evaluating your credit worthiness, or deciding whether to accept you as a guarantor);
- providing the products or services that we provide, including related arrangements (for example, where we provide you with a credit to make a purchase, or where our product is a payment service, that includes arranging for the purchase to be paid for or the payment to be made);
- managing the products and services the we provide;
- the ongoing monitoring of credit worthiness;
- to detect and prevent instances of fraud, unlawful conduct, and other risks to you or our products and services;
- to administer your insurance policy, assess any insurance risks or claims associated with you or our products or services;
- dispute and complaint resolution, and assisting other credit providers to do the same;
- enforcing our rights, including the collection of outstanding payments and where necessary, initiating legal proceedings
- undertaking review and maintenance of our systems and infrastructure, undertaking research and development regarding potential products and services;
- undertaking securitisation activities and other activities relating to funding and capital requirements;
- enabling our associated entities and selected other entities to promote their products and services to customers;
- meeting any legal and regulatory requirements we are subject to, or may be imposed on us.
- marketing products and services provided by us and our related entities;
- developing an understanding of the products and services you may be interested in receiving from us and our related entities;
- compiling statistical data e.g. credit scoring information
- participating in the credit reporting system and providing information to CRBs as permitted by Part IIIA of the Privacy Act and the Credit Reporting Code;
- assisting customers in meeting their credit related obligations;
- enforcing our rights, including debt recovery and other enforcement; and
- dealing with serious credit infringements, and assist other credit providers to do the same.
- complying with various Australian laws which may specifically require us to collect your personal information, and to other laws where collecting your information is necessary in order for us to comply with our obligations. Some of the key laws which may apply include:
- the National Consumer Credit Protection Act,
- the Anti-Money Laundering and Counter-Terrorism Financing Act,
- the Personal Property Securities Act and State and Territory real property and security interests laws,
- the Financial Sector (Collection of Data) Act,
- the Corporations Act and other regulatory legislation,
- the Taxation Administration Act, the Income Tax Assessment Act and other taxation laws,
7. Disclosing your personal information to third parties (including overseas)
Where the Privacy Act permits it, we may disclose your personal information for the purposes above to third parties. Other third parties that we may disclose your personal information to include:
- your co-applicant (if any)
- related entities based in Australia or overseas;
- entities that provide services to us such as mailing houses or call centre operators;
- entities providing other services to us, including legal services, financial services, market research and data providers;
- our assignees or potential assignees, or where we act as an agent for, or otherwise on behalf of, another person, to the principal or that other person;
- the supplier of any goods or services financed with credit we provide;
- retailers, where the payment or credit service provided by us involves payments to the retailer for goods or services to be provided by them;
- other financial institutions or entities such as banks and credit providers;
- identification service providers;
- insurers, assessors, underwriters, brokers and other distributors;
- government regulatory bodies in Australia and overseas;
- if appropriate, guarantee or security providers;
- organisations involved in debt assignment or securitisation arrangements;
- debt collectors or other enforcement bodies;
- entities who wish to be involved in our business, or acquire an interest in our business;
- third parties you authorise to act on your behalf or that are otherwise connected with you (such as your accountant, legal representative or referee) and
- Law enforcement agencies.
Some of these entities may not be located in Australia, and may not have an Australian link. For example, we employ service providers in countries such as the Philippines.
In addition, although many of the retailers we deal with are in Australia, some of them are overseas. Therefore, when you ask us to make a payment to or to provide credit for a product or service from such a retailer, we will provide information to that retailer and also to banks and other financial institutions, who may also be overseas, who are involved in processing that payment. These entities are not our service providers, and we do not control how they manage your information
8. Disclosing your credit information to third parties such as CRBs
Your consumer credit information may also be disclosed, where relevant, in many of the circumstances described above. In addition, where the Privacy Act permits it, we are permitted to disclose your credit information to CRBs for the purposes above. CRBs may include the information we provide to them in their reports in order for them to conduct an assessment of your credit worthiness. CRBs to whom we may disclose your information include:
9. Your rights in relation to CRBs
You are entitled to:
- opt out of direct marketing pre screenings: CRBs often use credit information to assist credit providers to market their products and services. If you do not want a credit reporting body to use your credit information in this manner, the Privacy Act gives you the right to request you be excluded from being contacted;
- request non-disclosure where you believe you have been, or are likely, a victim of fraud: if you believe that you are a victim of fraud, or are likely to be a victim of fraud, then you are entitled, under the Privacy Act, to request that a credit reporting body not use or disclose any of your credit information.
10. Your ability to access your personal information that we hold (including credit information)
You have specific rights under Australian law in relation to requesting access to and correction of personal information we hold about you and making a privacy complaint.
You can request access to the personal information we hold about you subject to certain exceptions under the Privacy Act. You are entitled to specify how you wish to access your personal information, so long as this is reasonable and practicable. In order to access your personal information, please contact the Privacy Officer on 1300 858 608.
Given that the information we will have is of a sensitive nature, we will need to verify the identity of anyone requesting access to your personal information, so as to ensure that we do not provide that information to a person or people who do not have the right to access that information.
We ask that your request for information be as specific as possible so that we can accommodate your request. We will usually provide you with access within 30 days of a request but in some circumstances it may take longer.
Please note, that under Australian law, FlexiGroup is entitled to refuse you access to your information in the following circumstances:
- access would be unlawful;
- denying access is required or authorised by or under an Australian law or a court/tribunal order; or
- access would prejudice enforcement activities or the taking of appropriate action in relation to unlawful activity or serious misconduct.
There may be other reasons for FlexiGroup refusing to provide you access to your information.
11. How you can correct the information we have about you (including credit information)
We take every stop that is reasonably practicable to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. The Privacy Act gives you the right to request correction of the personal information we hold if you believe that the personal information we have is incorrect, then please contact FlexiGroup on 1300 858 608, or fax us on (02) 8905 1821 or email us at firstname.lastname@example.org.
In the event that we do not agree to your request for correction, we will give you notice of this outlining our reasons and what next steps you can take. You may also request us to associate a statement with that information to the effect that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading so that it is apparent to users of the information.
12. Privacy complaints and disputes
The Privacy Act gives you the right make a complaint if you believe that we have not complied with its obligations under the Privacy Act, including obligations relating to consumer credit information under Part IIIA of the Privacy Act and the Credit Reporting Code. If you believe this to be the case, please contact FlexiGroup on 1300 858 608, or fax us on (02) 8905 1821 or email us at email@example.com.
We will endeavour to contact you within 7 days of you making your complaint acknowledging receipt of your complaint. It is our policy to investigate and resolve all complaints (where practicable) within 30 days of receiving the complaint. Where it is a legal requirement to do so, then in the event we need more time to investigate and resolve your complaint, we will notify you as to the reasons why and seek your agreement to extend this 30 day period (if you do not agree, we may then not be able to resolve your complaint).
Please note, that where your complaint relates to your credit information, we may consult with a credit reporting body or other credit provider in order to investigate and resolve your complaint. Depending on the type of complaint, it may also be necessary for us to consult with other third parties.
In the event your complaint is not handled satisfactorily by us, you can contact the below mentioned External Dispute Resolution Schemes (“EDR Scheme”) as set out below:-
The appropriate EDR scheme for Flexirent Capital Pty Limited, Flexi Online Pty Limited, Once Credit Pty Limited, Lombard Finance Pty Limited, RentSmart Pty Ltd and RentSmart Servicing Pty Ltd is
13. Contacting us