Spenda Cash Flow Privacy Policy

Respecting your Privacy and the Australian Privacy Principles effective 12th March 2014.

The privacy of your personal information is important to us at Spenda Limited ACN 099 084 143. We are committed to respecting your right to privacy and to protecting your personal information. We are bound by the Australian Privacy Principles “APP” in the Privacy Act 1988 and Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Commonwealth) and any other applicable laws and codes affecting your personal information.

About this Privacy Policy

This Privacy Policy outlines how we manage your personal information. Further, it describes the nature of the personal information held, the purposes for which it is held and the manner in which it is collected and disclosed.

Our Privacy Policy applies to all your dealings with us including via our website.

Please check our website regularly for any updates to our Privacy Policy.

Collecting your personal information

If you are acquiring or have acquired a product or service from Spenda, we will collect and hold your personal information for the purposes of:
providing you with the relevant product or service (including assessing your application and identifying you)
managing and administering the product or service protecting against fraud and Money Laundering.

Credit Reporting

When you apply to us for a Finance facility or have agreed to provide a Guarantee, we need to know if your business is suitable for a facility with us.

A credit report contains information about your credit history that helps us assess your credit applications, verify your identity and manage facilities you have with us. Credit reporting bodies collect and exchange this information with finance providers like us and other service providers such as phone companies. The Privacy Act limits the information that finance providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.

As Spenda provide a number of financial products, we obtain credit reporting information about individuals or companies who are clients, guarantors, debtors and associates from credit reporting bodies. We only obtain it to the extent we are entitled to obtain it under the Privacy Act 1988. If we require information on an individual, then it may be necessary to request consent before accessing this information. The type of information that we access in relation to an individual could be:

Consumer credit information such as default and payment information
Credit worthiness information about the individual which may include a credit score or risk rating

Spenda may receive payment by credit card or debit card made by a client or debtor. In that case we may collect and hold particulars concerning the credit card or debit card which will be used to effect payment in accordance with an authorisation from the client or debtor.

General Personal Information

The personal information, other than credit information and credit reporting information, we collect and hold varies depending on the person we are dealing with and the reason why we are dealing with them.

We collect this general personal information from individuals who are clients, guarantors, debtors, associates, prospective employees, contractors, suppliers, brokers, introducers, merchants, agents, professional advisers, mercantile agents, mailing houses, call centre operators, archivers and service providers. This information will generally include the individual’s name and contact details. We will only collect sensitive information about an individual with the individual’s consent or when permissible under Australian law.

The information collected may include your name, postal or email address, date of birth, information about your use of our products and services, or other information Spenda considers necessary.

We will, if it is reasonable or practicable to do so, collect your personal information from you. This may happen when you give us personal information over the telephone, or through our website.

In certain cases we may collect your personal information from third parties. For example, we may need to collect personal information from a credit reporting body, your representative (such as a legal adviser), your financial adviser, any publicly available sources of information, or from any other organisations as required.

We collect, hold, use and disclose credit information and credit eligibility information on individuals for purposes permitted by law which are reasonably necessary for our business activities. Examples of these purposes are:

if the individual is a guarantor, to determine whether we should accept a guarantee from the individual
if the individual is a debtor, to assess and verify the debt which the client sells to us or in which the client gives us a security interest, to collect the debt and to enforce the debt and any security which may be given to secure payment of the debt;
if the individual is an associate of the client, to determine if we should provide a facility which includes the provision of commercial credit to the client and to assist in the provision of that facility;
if the individual is an associate of the debtor, we may record the name, IP address, telephone number and e-mail address of a person at the debtor company who electronically or verbally verifies a debt.
to assist in the management and enforcement of the facilities we provide, for data analysis and internal management;
to provide information to credit reporting bodies to the extent this is permitted by the Privacy Act 1988;
to undertake funding raising activities, assign debts and other rights, enter into insurance arrangements (for example insurance policies for debts) and provide information to and obtain information from insurers (including under policies which are taken out by us, which are assigned to us or under which we are the loss payee);
to meet our legal and regulatory requirements; and
to assist other credit providers by giving personal information to them in accordance with an authorisation which the individual has provided to them or us.

We may disclose credit information (such as identification information) about an individual to a credit reporting body. The credit reporting body may include that information in the reports it provides to other credit providers.

The credit reporting bodies we use are CreditorWatch and Equifax. You can access a copy of their respective privacy policies at:

https://www.equifax.com.au/privacy

https://login.creditorwatch.com.au/

Using and Disclosing your Personal Information

In line with modern business practices common to many financial institutions, and pursuant to your specific needs (such as where you have a financial adviser) we may disclose your personal information to the organisations described below. Where your personal information is disclosed we will seek to ensure that the information is held, used or disclosed consistent with the Australian Privacy Principles, any other applicable privacy laws and codes.

The relevant organisations are those:

involved in providing, managing or administering your product or service such as third-party suppliers, other Spenda organisations, loyalty and reward program partners, printers, posting services, and call centres.
involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including testing or upgrading our computer systems
involved in a corporate re-organisation
involved in a transfer of all or part of the assets or business of Spenda
involved in the payments system including financial institutions, merchants and payment organisations
involved in product planning and development
which are your representatives including your legal advisers
as required or authorised by law, such as under the Anti-Money or Laundering and Counter Terrorism Financing Act 2006 (Cth) where you have given your consent.

In addition,

Finance products or services – other organisations to which personal information is usually disclosed are card producers, card schemes, credit and fraud reporting agencies, debt collection agencies, your guarantors, organisations involved in valuing, surveying, or registering a security property or which otherwise have an interest in such property, purchasers of debt portfolios, underwriters, re-insurers and other organisations involved in our normal business practices (such as fund raising activities)
Trustee or custodial services – other organisations to which personal information is usually disclosed are superannuation and managed funds organisations, their advisers and other organisations involved in our normal business practices
Other organisations to which personal information is usually disclosed are fraud detection agencies and other organisations involved in our normal business practices.

Your personal information may also be disclosed to other organisations involved in our normal business practices (such as funding activities) and used in connection with such purposes as outlined above.

Marketing our products and services

We may use or disclose your personal information to let you know about, and develop, products and services from Spenda that may better serve your financial, business and lifestyle needs, or to notify you of promotions or other opportunities in which you may be of interest to you. You can contact us at any time if you no longer wish us to do so.

Keeping your personal information accurate and up-to-date

We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date and take reasonable steps to make sure this is the case. In this way we can ensure that we provide you with a better service.

If you believe your personal information is not accurate, not complete or not up to date, please contact us.

Protecting your personal information

Records of your personal information are kept in several forms including both paper and electronic form. The security of your personal information is important to us and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure and from loss or misuse. These precautions include:

confidentiality requirements for our employees
document storage security policies
security measures for systems access
providing a discreet environment for confidential discussions
only allowing access to personal information where the individual seeking access has satisfied our identification requirements

If Spenda receives any personal information where we did not solicit the information, Spenda will determine whether or not we could have collected the information if we had reasonably solicited the information. If not, we will take reasonable steps to destroy this information.

Your sensitive information

Without your consent we will not collect information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of a professional or trade association, membership of a trade union, details of health, disability, sexual orientation, or criminal record.

This is subject to some exceptions including when:

the collection is required by law
Spenda has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Spenda’s functions or activities has been, is being, or may be engaged in.
the information is necessary for the establishment, exercise or defence of a legal claim.

Using Government Identifiers

Although in certain circumstances we are required to collect government identifiers such as your Medicare number or drivers licence details, we do not use or disclose this information other than when required or authorised by law, or unless you have voluntarily consented to disclose this information to any third party.

Complaints Handling

Any Complaints are required to be submitted in writing to Spenda, as required by S40(1A) of the Privacy Act. See ‘Contact Us’ below.

On receipt of a complaint by a company, business or individual, it must relate to an act or practice of Spenda and we must:

within 7 days after the complaint is made, acknowledge receipt of the complaint
investigate the matter and advise the company, business or individual within 30 days
set out the decision and indicate if you are dissatisfied with Spenda’s response, you can refer the complaint to the Office of Australian Information Commissioner www.oaic.gov.au.

Your privacy on the Internet

Our Website

We take care to ensure that the personal information you give us on our websites is protected, with electronic security systems in place, including the use of firewalls and data encryption. User identifiers, passwords or other access codes may also be used to control access to your personal information.

Links to Other Sites

You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures.You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.

Gaining access to your personal information

You can gain access to your personal information subject to some exceptions allowed by law.

We will detail the reasons to you, if we deny access.

Unsubmitted on-line applications

If you start but do not submit an on-line application or quote, Spenda may contact you using any of the contact details you supply, to offer help completing it. If you do not submit the on-line application, the information in it will be kept by Spenda for a period of time before being destroyed.