What is “personal information”?
Personal information is information or an opinion, whether or not true, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. It may include contact details, date of birth, bank account or credit card details, or other personal details unlikely to be known to other people.
How do we collect and hold personal information.
We may collect personal information as follows:
if a client of ours provides us with your personal information; and
when we interact with you.
Where we have collected your personal information from our client(s), we will take reasonable steps to let you know that we have your personal information, unless it is obvious in the circumstances, that you know or would expect us to have the information. ‘Reasonable steps’ may include asking the person who gave us your information to let you know that we have that information.
Why do we collect personal information?
Collection of personal information is essential for the provision of our products and services provided on behalf of our client(s) to you. Without personal information, we would not be able to provide these products and services.
Personal information is collected so that we can:
administer our relationship with you (including collecting your payments, following up on any missed payments, refunding payments, dealing with any ad hoc enquiries you may have, and otherwise dealing with other matters relevant to the provision of our products and services to you);
perform our internal administration and operations (including, without limitation, distributing payments to our clients, accounting, reporting, risk management, record-keeping, archiving, systems development and testing and staff training);
collect outstanding debts (including via the use of a third party); and
comply with our legal obligations.
Personal information may also be used for:
monitoring, evaluating, developing and identifying products and services;
informing you of our products and services (unless you have expressly asked us not to);
gathering and aggregating information for statistical and research purposes; and
taking measures to detect fraud and credit loss.
For statistical purposes, we may collect information on web site activity through the use of ‘cookies’. A cookie contains information that makes it easier for our server to interact with your computer. Cookies do not identify individual users, although they do identify a user’s browser type and your Internet Service Provider (ISP).
You can configure your browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your browser instructions or help screens to learn more about these functions.
Our websites may contain links to other third party websites. While these links are provided for your convenience, you should be aware that the information handling practices of the linked web sites might not be the same as ours.
Quality of personal information
Our aim is to ensure that the personal information we hold is accurate, complete and up-to-date. Please contact us if at any time you believe that your personal information held by us is inaccurate, incomplete or not up-to-date.
Personal information security
We are committed to keeping secure your personal information from misuse, loss, unauthorised access, modification or disclosure.
We have a range of policies and practices in place aimed at providing a secure environment. These measures are reviewed regularly to ensure their on-going viability. Security measures that we have implemented include, but are not limited to:
educating our staff as to their obligations with regard to your personal information;
requiring our staff to use personalised passwords when accessing our systems;
providing secure storage for all physical records;
ensuring that the facilities and records containing personal information are protected on-site by enhanced security measures including restricted access rooms, alarms and cameras;
employing firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised access to our systems; and
Where information is no longer needed for any purpose, we ensure that it is effectively and securely destroyed or de-identified.
Accessing your personal information
You have the right to request access to, and to obtain a copy of, your personal information held by us, and we are required to respond to your request within a reasonable period of time.
In most cases, we will provide you with the access to your personal information that you have requested, though there are limited circumstances permitted by the Privacy Act 1988 where we may refuse. If we do not give you the access you have requested, or only give you restricted access, we will let you know why.
We may also charge a fee for providing you with access to your personal information. This fee must not be excessive and must not relate to the making of the request.
Correction of personal information
If you require access in order to correct your personal information, you will need to establish why the correction is necessary. We will then take reasonable steps to correct your information within a reasonable period of time, so that it is accurate, up-to-date, complete, relevant and not misleading.
Disclosures required by law
We may be required to disclose your personal information by law (for example, by Court Order or Statutory Notice). In all circumstances, we will comply with our legal obligations.