This policy covers Smartgroup Corporation Ltd and its related bodies corporate (“Smartgroup”, “we” or “us”).
We understand how important it is to protect your personal information. This policy our commitment in respect of personal information we hold about you and what we do with that information. Our commitment is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Cth).
When we refer to personal information, we mean information about you from which your identity is reasonably identifiable. This may include information or an opinion about you whether true or not.
The kinds of personal information we may collect about you include:
We may also collect the following information about you depending on the products and services provided:
We may collect your sensitive information only to the extent it is necessary to administer our products or services to you, and only with your consent. Sensitive information includes membership of professional or trade associations or unions, or health information, or if you are applying for a position with us, your criminal history.
Where reasonable and practical we will collect your personal information directly from you. Depending on the product or service provided or your relationship with us, we may also collect your personal information from third parties, for example, your employer or your employer’s outgoing salary packaging service provider.
If you are applying to work for us, we may collect personal information through recruitment companies and websites and from other organisations and referees with your consent.
We collect your personal information for the following purposes:
and for any other purpose related to or ancillary to any of the above.
Depending on the product or service or your relationship with us, we may disclose your personal information:
Prior to disclosing any of your personal information to another person or organisation, we will take all reasonable steps to satisfy ourselves that:
(a) the person or organisation has a commitment to protecting your personal information at least equal to our commitment, or
(b) if required, that you have consented to us doing so.
One of the ways we store and manage information (including personal information) is by using cloud computing, where servers are based in Japan and the USA. We take reasonable steps to maintain the security of your information and to ensure your information is treated in accordance with the standards that apply in Australia.
For some customers (depending upon our agreement with your Employer), we may from time to time use your personal information to provide you with current information about loans, insurance products, special offers you may find of interest, changes to our organisation, or new products or services being offered by us or any company we are associated with.
If you do not wish to receive marketing information, you may at any time decline to receive such information by contacting us. Contact details are set out at section 10 of this policy.
If the direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.
You can request to access your personal information we hold at any time. Depending on the volume or difficulty in obtaining the information, we may charge a fee that covers our costs.
An initial response will be provided to you within 7 days from your request, and the outcome of the investigation given in 30 days. There may be situations where we are not required to provide you with access to your personal information, and we will set out the reasons for this. An example of this would be where the information related to existing or anticipated legal proceedings, or if your request was vexatious.
You may also request to correct any of your personal information we hold if it is incorrect, inaccurate or out of date. We will generally rely on you to assist us in informing us if the information we hold about you is inaccurate or incomplete.
Depending on the request we may update your personal information immediately, or we may provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected the personal or credit information within 30 days from your initial request.
We may have to consult with external entities as part of your request to access or correct your personal information.
If we collect government related identifiers, such as your Drivers Licence Number or Tax File Number, we do not use or disclose this information other than to the extent required by law. For instance, we will never adopt your Tax File Number as your account number to identify you.
In most circumstances it will be necessary for us to identify you in order to successfully do business with you. However, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without you providing us with personal information.
When we are requested to obtain quotes from dealers for you, we do not release any information that would identify you. Once you select a quote from a dealer, we will then provide your contact details to that dealer so they may get in touch with you.
We will take reasonable steps to protect your personal information by storing it in a secure environment, and when the information is no longer needed for any purpose for which the information may be used or disclosed, it will be destroyed or permanently de-identified. We store your personal information in paper and electronic form. We will also take reasonable steps to protect any personal information from misuse, loss and unauthorised access, modification or disclosure. We do this by:
If you are dissatisfied with how we have dealt with your personal information, or have a complaint about our compliance with the Privacy Act, you may contact us using the details in clause 10.
We will acknowledge your complaint within seven days and provide you with a decision on your complaint within 30 days.
If you feel your complaint is still not resolved adequately after discussion with us, you may then take the complaint to the Credit Ombudsman Service (COSL) if it relates to our role as a financial services provider, or contact the Office of the Australian Information Commissioner on http://www.oaic.gov.au/privacy/privacy-complaints.
If you have any questions about how we handle your personal information, contact our Privacy Officer by phone on 1300 476 278, via email at firstname.lastname@example.org, or at:
Smartgroup Corporation Ltd
GPO Box 4244, Sydney NSW 2001.