Medpro Finance Corporation Pty Ltd - Privacy Policy
About this statement
We know that how we collect, use, exchange and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.
This policy statement explains how we collect, store, use and disclose personal information (including credit information and credit eligibility information) and what steps we take to comply with privacy laws.
In this Policy, we use the terms “us”, “we”, “our” and “Medpro(‘s)” to refer to Medpro Finance Corporation Pty Ltd (ABN 42 630 454 992).
It is important that you read and understand this Privacy Policy.
What is "personal information"?
"Personal information" is information or an opinion about a reasonably identifiable individual.
What personal information do we collect and hold?
General information
The types of information that we collect and hold about you could include:
ID information such as your name, postal or email address, telephone numbers, and date of birth;
Financial details such as your tax file number;
Health information;
Credit information such as details relating to credit history, credit capacity, and eligibility for credit (‘credit worthiness’); and
Other information we think is necessary.
Information from a credit reporting body
At the time we are obtaining information on your credit worthiness and at other times, we may collect information about you from and give it to credit reporting bodies. This information can include:
ID information: a record of your name(s) (including an alias or previous name), date of birth, gender, current or last known address and previous two addresses, name of current or last known employer and driver’s license number.
Information request: a record of a lender asking a credit reporting body for information in relation to a credit application, including the type and amount of credit applied for.
Default information: a record of your consumer credit payments being overdue.
Serious credit infringement: a record of when a lender reasonably believes that there has been a fraud relating to your consumer credit or that you have avoided paying your consumer credit payments and the credit provider can’t find you.
Personal insolvency information: a record relating to your bankruptcy or your entry into a debt agreement or personal insolvency agreement.
Court proceedings information: an Australian court judgment relating to your credit.
Publicly available information: a record relating to your activities in Australia and your credit worthiness.
Consumer credit liability information: certain details relating to your consumer credit, such as the name of the credit provider, whether the credit provider has an Australian Credit License, the type of consumer credit, the day on which the consumer credit was entered into and terminated, the maximum amount of credit available and certain repayment terms and conditions.
Repayment history information: a record of whether or not you’ve made monthly consumer credit payments and when they were paid.
Payment information: If a lender gave a credit reporting body default information about you and the overdue amount is paid, a statement that the payment has been made.
New arrangement information: If a lender gave a credit reporting body default information about you and your consumer credit contract is varied or replaced, a statement about this.
We use the information we get from credit reporting bodies, in the following activities:
Assessing your application for finance
Approving your application for finance
Information that we get from a credit reporting body or information we derive from such information is known as credit eligibility information.
What sensitive information do we collect?
Sometimes we may collect sensitive information about you. This may include:
Racial or ethnic origin
Membership of a professional or trade association
Criminal record
We generally do not collect information about your health. Unless required by law, we will only collect sensitive information with your consent
When the law authorises or requires us to collect information
We may collect information about you because we are required or authorised by law to collect it. There are laws that affect financial institutions, including company and tax law, which require us to collect personal information. For example, under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and / or the National Consumer Credit Protection Act 2009 (Cth).
How do we collect your personal information?
How we collect and hold your personal information
We understand that the security and safety of your personal is important to you. To maximize the safety and security of the personal information we collect we will try to collect personal information directly from you (referred to as ‘solicited information’).
There are many ways we seek information from you. We might collect your information when you fill out an enquiry or an application form, called us, sent us a fax or some mail, emailed us, sent us an SMS or personally saw one of our authorised representatives.
How we collect your personal information from other sources
When necessary, we may collect information about you from other sources. Instances of when this may be necessary include:
Circumstances where we can’t get hold of you and we rely on publicly available information to update your contact details;
We are checking the security you are providing through public registers and our service providers; and
At your request, we exchange information with your legal or financial advisers, accountants, practice managers or other representatives.
What if you don’t wish to provide your personal information to us?
If you don’t provide your personal information to us, we may not be able to
Provide you with the product or service you want;
Manage or administer your product or service;
Verify your identity or protect against fraud; or
How we collect and hold your credit information
We will collect your credit information from details included in your request for finance. In addition to the above information, other main sources for collecting credit information are:
Credit reporting bodies;
Other credit providers;
Your co-loan applicants or co-borrowers;
Your guarantors/proposed guarantors;
Your employer, accountant, real estate agent or other referees;
Your agents and other representatives like your referrers, brokers, solicitors, conveyancers and settlement agents;
Organisations that help us to process credit applications such as mortgage managers;
Organisations that check the security you are offering such as valuers;
Organisations providing lenders mortgage insurance and title insurance to us or our related lenders;
Bodies that issue identification documents to help us check your identity; and
Our service providers involved in helping us to provide credit or to administer credit products, including our debt collectors and our legal advisers.
What do we do when we receive information we did not ask for?
Information that we receive without asking is called ‘unsolicited information’. Where we receive unsolicited personal information about you, we will check whether that information is reasonably necessary for our activities. If it is, we’ll handle this information the same way we do with other information we seek from you. If not, we’ll ensure we do the right thing and destroy or de-identify it.
When will we notify you that we have received your information?
When we receive personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint. Usually this will be verbally, however may also be in writing or via electronic means.
Sometimes we collect your personal information from third parties, even if you may not be aware that we have done so. If we collect information that can be used to identify you, we will take reasonable steps to notify you of that collection.
How do we look after your personal information?
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the ways we do this are:
Confidentiality requirements for all our staff;
Document storage and information security policies;
Security measures for access to our systems;
Only giving access to personal information to a person who is verified to be able to receive that information;
Control of access to our buildings; and
Electronic security systems, such as firewalls and data encryption on our websites.
We can store personal information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.
What happens when we no longer need your personal information?
We’ll only keep your information for as long as we require it for our purposes. We’re also required to keep some of your information for certain periods of time under law, such as the Corporations Act, the Anti-Money Laundering & Counter-Terrorism Financing Act, and the Financial Transaction Reports Act for example. When we no longer require your information, we’ll ensure that your information is destroyed or de-identified.
How we use your personal information
The purposes for which we will generally collect and use your information include:
Considering any application for finance you make to us, to provide services to you,
To perform administrative functions, which includes answering your requests and complaints, varying products and services, taking any required legal action in relation to our accounts and managing our products and product portfolios
Developing customer insights, to create new products and to tell you about other products and services that may be offered by third party providers associated with us (related or otherwise). You may tell us at any time that you do not want us to advise you about other products and services (see How can we use your personal information for marketing purposes below for more details).
Training staff;
Risk management;
Systems development and testing, including our websites and other online channels;
Undertaking planning, research and statistical analysis;
Preventing or investigating any fraud or crime, or any suspected fraud or crime;
For any purpose for which you have given your consent.
How can we use your personal information for marketing purposes?
We may let you know about other products and services. Usually these will be our products and services, however sometimes these may be from a third party provider. We may conduct these marketing activities via mail, email, telephone, SMS, or any other electronic means.
If we market to clients or prospective clients, we are happy to let them know how we obtained their information and will provide easy to follow opt-outs.
With your consent, we may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time. We won’t sell your personal information to any organisation.
Can you opt out?
Yes. If we send you direct marketing offers or information you can let us know at any time if you no longer wish to receive these.
How may we use your credit information?
In addition to the personal information uses above, we may also use your credit information to:
Enable a mortgage insurer or title insurer to assess the risk of providing insurance to us or to address our contractual arrangements with the insurer;
Assess whether to accept a guarantor or the risk of a guarantor being unable to meet their obligations;
Consider hardship requests;
Who can we share your personal information with?
To make sure we can meet your needs and for the purposes described above, we may need to share your personal information with others. We may share your information with other organisations for any purposes for which we use your information.
If you request us to sharing your information
We may need to share your personal information with:
Your representative or any person acting on your behalf (for example, financial advisers, lawyers, settlement agents, accountants, executors, administrators, trustees, guardians, brokers or auditors); and
Our referee such as your employer (to confirm details about you).
Sharing information with Credit Reporting bodies
We may disclose information about you to a credit reporting body if:
You are applying for credit or
You have obtained credit from us or
If you guarantee or are considering guaranteeing the obligations of another person to us or
You are a director of a company that is loan applicant or borrower or guarantor.
When we provide your information to a credit reporting body, it may be included in reports that the credit reporting body gives other organisations (such as other lenders) to help them assess your credit worthiness.
Some of that information may reflect adversely on your credit worthiness, for example, if you fail to make payments or if you commit a serious credit infringement (like obtaining credit by fraud), which may impact your ability to get credit from other lenders.
Sharing your information with third parties
We may disclose your personal information to third parties, including:
Those involved in providing, managing or administering your product or service;
Authorised representatives who sell products or services on our behalf;
Valuers, insurers (including lenders’ mortgage insurers and title insurers), re-insurers, claim assessors and investigators;
Brokers or referrers who refer your application or business to us;
Other financial institutions, such as banks;
Organisations involved in debt collecting, including purchasers of debt;
Fraud reporting agencies (including organisations that assist with fraud investigations and organisations established to identify, investigate and/or prevent any fraud, suspected fraud, crime, suspected crime, or misconduct of a serious nature);
Organisations involved in surveying or registering a security property or which otherwise have an interest in such property;
Government or regulatory bodies (including ASIC and the Australian Tax Office) as required or authorised by law (in some instances these bodies may share it with relevant foreign authorities);
Our accountants, auditors or lawyers and other external advisers;
Guarantors and prospective guarantors of your facility;
Organisations that maintain, review and develop our business systems, procedures and technology infrastructure, including testing or upgrading our computer systems;
Organisations that participate with us in payments systems including merchants, payment organisations and organisations that produce cards, cheque books or statements for us;
Our joint venture partners that conduct business with us;
Mailing houses and telemarketing agencies whom we may engage to assist us to communicate with you;
Other organisations involved in our normal business practices, including our agents and contractors; and
Where you’ve given your consent.
Exchange of information with overseas parties
We do not share personal information outside of Australia.
However, we may store your information in a cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in other countries, but only through the access of your information provided and used in Australia.
We will not share any of your credit information with a credit reporting body, unless it has a business operation in Australia. We are not likely to share credit eligibility information (that is, credit information we obtain about you from a credit reporting body or that we derive from that information) with organisations unless they have business operations in Australia. We are likely to share other credit information about you with organisations outside Australia.
How do you access your personal information?
We will always give you access to your personal information unless there are certain legal reasons why we can’t. You can ask us to access personal information that we hold by contacting us.
We will give you access to your information in the form you want it where it’s possible, reasonable and practical. We’re not always required to give you access to your personal information. Some of the situations where we don’t have to give you access include when:
It would be unlawful;
There is an unreasonable impact on other individuals;
The request is frivolous;
The information wouldn’t be ordinarily accessible because of legal proceedings;
It would prejudice negotiations with you;
We believe there is a threat to life or public safety
It would jeopardise taking action against serious misconduct by you;
It would be likely to harm the activities of an enforcement body (e.g. the police); or
It would harm the confidentiality of our commercial information.
In relation to credit eligibility information, the exceptions may differ.
If we can’t provide your information in the way you’ve requested, we will tell you why in writing. If you have concerns, you can complain. See ‘Contact Us’.
How to access your credit eligibility information
Where you request access to credit information about you that we hold from credit reporting bodies (or based on that information), you have the following additional rights.
We must:
Provide you access to the information within 30 days (unless unusual circumstances apply);
Make the information clear and accessible; and
Ask you to check with credit reporting bodies what information they hold about you.
This is to ensure it is accurate and up-to-date.
We are not required to give you access to this information if:
It would be unlawful; or
It would be likely to harm the activities of an enforcement body (e.g. the police)
It would harm the confidentiality of our commercial information.
If we refuse to give access to any credit eligibility information, we will tell you why in writing. If you have concerns, you can complain to our external dispute resolution scheme or the Office of the Australian Information Commissioner.
How do you correct your personal information?
Please contact us if you think there is something wrong with the information we hold about you and we’ll try to correct it if it’s inaccurate, out-of-date, incomplete, irrelevant or misleading.
If you are worried that we have given incorrect information to others, you can ask us to tell them about the correction. We’ll try and help where we can – if we can’t, then we’ll let you know in writing.
What else do we have to do to correct your credit information?
If you ask us to correct credit information, we will help you manage corrections.
Whether we made the mistake or someone else made it, we are required to help you ask for the information to be corrected. So we can do this, we might need to talk to others. However, the most efficient way for you to make a correction request is to send it to the organisation which made the mistake.
Where we correct information
If we are able to correct the information, we’ll let you know within five business days of deciding to make the correction. We may also let the relevant third parties know as well as any others you tell us about.
Where we can’t correct information
If we’re unable to correct your information, we’ll explain why in writing within five business days of making this decision. If you have any concerns, you can access our external dispute resolution scheme or make a complaint to the Office of the Australian Information Commissioner.
Time frame for correcting information
If we agree to correct your information, we’ll do so within 30 days from when you asked us, or a longer period if this has been agreed by you. If we can’t make corrections within a 30 day time frame or the agreed time frame, we must:
Let you know about the delay, the reasons for it and when we expect to resolve the matter;
Ask you to agree in writing to give us more time; and
Let you know you can complain to our external dispute resolution scheme or the Office of the Australian Information Commissioner.
Dealing with us anonymously or using an alias
We will generally need to know who you are in order to provide you with our products and services. Despite this, in some circumstances you are entitled to deal with us anonymously, or by using a
pseudonym (alias), for example when making general enquiries about the services we offer.
In some circumstances, you may receive a better service or response if we know who you are. For example, we can keep you up-to-date and better understand a complaint if we know who you are and the circumstances of your complaint.
You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether or not your real name is required to access those services.
How do you make a complaint?
If you have a complaint about how we handle your personal information, we would like to hear from you.
If you have a complaint or if you would like to contact us for a different purpose you can do so on:
Brisbane
Ground Floor, Silverton Place
101 Wickham Terrace
Brisbane QLD 4000
Ph: (07) 3831 4488
Fax: (07) 3831 0750
Sydney
Level 7
139 Macquarie Street
Sydney NSW 2000
Ph: (02) 9231 1333
Fax: (02) 9231 1444
E: medpro@westnet.com.au
We are committed to resolving your complaint quickly and making sure you’re happy with the outcome.
However if you still feel your issue hasn’t been resolved to your satisfaction, then you can raise your concern with the Office of the Australian Information Commissioner:
Online: www.oaic.gov.au/privacy
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Fax: +61 2 9284 9666
Mail - GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
What additional things do we have to do to manage your complaints about credit information?
If your complaint relates to how we handled your access and correction requests
You may take your complaint directly to our external dispute resolution scheme or the Office of the Australian Information Commissioner. You are not required to let us try to resolve it first.
For all other complaints relating to credit information - if you make a complaint about things (other than an access request or correction request) in relation to your credit information, we will let you know how we will deal with it within seven days.
Ask for more time if we can’t fix things in 30 days
If we can’t fix things within 30 days, we’ll let you know why and how long we think it will take. We will also ask you for an extension of time to fix the matter. If you have any concerns, you may complain to our external dispute resolution scheme or the Office of the Australian Information Commissioner.
Letting you know about our decision
We’ll let you know about our decision within 30 days or any longer agreed time frame. If you have any concerns, you may complain to our external dispute resolution scheme or the Office of the Australian Information Commissioner.
Credit reporting body contact details
We use Veda Advantage Business Information Services Ltd to checking your credit worthiness This credit reporting body has a credit reporting policy about how they handle your information. You can obtain a copy of their policy per the below:
Online: www.mycreditfile.com.au
Veda Advantage’s credit reporting policy is set out at http://www.veda.com.au/privacy
Phone: 1300 762 207
Mail: Attention: Public Access Division Veda Advantage PO Box 966 North Sydney NSW 2059
Contact credit reporting bodies if you think you have been the victim of a fraud
If you believe that you have been or are likely to be the victim of fraud (including identify fraud), you can request a credit reporting body not to use or disclose the information they hold about you. If you do this, the credit reporting body mustn’t use or disclose the information during an initial 21 day period without your consent (unless the use or disclosure is required by law). This is known as a ban period.
If, after the initial 21 day ban period, the credit reporting body believes on reasonable grounds that you continue to be or are likely to be the victim of fraud, the credit reporting body must extend the ban period as they think reasonable in the circumstances. The credit reporting body must give you a written notice of the extension.
Contact credit reporting bodies if you don’t want your information used by them for direct marketing/pre screening purposes.
Credit reporting bodies can use the personal information about you that they collect for a pre-screening assessment at the request of a credit provider unless you ask them not to. A pre screening assessment is an assessment of individuals to see if they satisfy particular eligibility requirements of a credit provider to receive direct marketing. You have the right to contact a credit reporting body to say that you don’t want your information used in pre screening assessments. If you do this, the credit reporting body must not use your information for that purpose.
Changes to this Privacy Policy
This Policy may change. We will let you know of any changes to this Policy by posting a notification on our website. Any information collected after an amended privacy statement has been posted on the site, will be subject to that amended privacy statement.