Privacy and Credit Reporting Policy

Downloadable / Printable PDF Privacy Policy Consent Form
Permission to obtain and disclose personal information and related credit information

The protection of your personal information is very important to us.This Privacy and Credit Reporting Policy explains how we collect, hold, use and disclose your personal information when you visit our websites, mobile apps, official media platforms or apply for or use our services or products through us or our authorised third parties.  It also outlines how we manage your credit information and credit eligibility information in accordance with the Privacy Act 1988 (Cth) (Privacy Act)and the Australian Privacy Principals (APP). The APP is designed to protect personal information about individuals and sets in place a frame work and guidelines about how to deal with this information.  APP 1.3 requires us to have a clearly expressed and up-to-date APP privacy policy describing how we manage your personal information. Further in February 2018, the Notifiable Data Breaches (NDB)Scheme was introduced under Part IIIC of the Privacy Act. The NDB establishes requirements and compliance mechanisms for entities in responding to data breaches. This Privacy and Creditor Reporting Policy is to be read in conjunction with our Terms and Conditions which are available at https://www.monoova.com/terms-of-use and our Privacy Consent which is available here.

For the purposes of this Privacy and Credit Reporting Policy,  'we' and ‘us’ means Moneytech Group LimitedACN 611 393 554, Moneytech Limited ACN 106 249 852, Moneytech Finance PtyLimited ACN 112 110 906, Moneytech Finance 2 Pty Ltd ACN 639 950 584, MoneytechFX Pty Limited ACN 151 337 852, Moneytech Payments Pty Limited ACN 126 015 227, Moneytech Services Pty Limited ACN 112 110 933 and their related bodies corporate and affiliates.By providing us with your personal information you consent to us using and handling your information in accordance with this Privacy andCredit Reporting Policy. If you provide any personal information about another individual then we rely upon you to inform him or her of the details contained in our Privacy and Credit Reporting Policy.

What is Personal Information?

“PersonalInformation” as defined under the Privacy Act, means information or an opinionabout an identified individual, or an individual who is reasonable identifiablewhether the information or opinion is true or not; and whether the informationor opinion is recorded in a material form or not. The kinds of personal information we collect and hold about you dependson the circumstances of collection and the nature of your dealings with us. 

We generally collect and hold the following kinds of personalinformation (and where that information is credit information, the followingkinds of credit information) about our customers and applicants:

We may also:

If we are not provided with this personal information, then we areunable to provide you with our products or services.

We will not collect information about you that is “sensitive information”which includes information about your health, biometrics, genetics, ethnic background, sexual preferences, criminal records, religious belief, religious affiliations, philosophical believes, professional memberships, trade memberships, political memberships and opinions unless you provide your consent, or we are authorised to do so by law.

Credit information we collect and hold

As a credit provider, the kinds of credit information we may also collect and hold includes:

Credit eligibility information we hold

The kinds of credit eligibility information that we usually hold includes:

ElectronicIdentification Verification

Under the AML/CTF Act, we may be required to disclose your name, telephone number, residential address and date of birth toa third party including a CRB in order to verify your identity electronically.If you are an individual, we will obtain your consent before we disclose this information to any third party including a CRB. If you do not consent to have your identity verified electronically, you will be required to provide us with certified copies of your identification documents to us.

If we are unable to verify your identity, we will be unable to provide our services to you.

Credit Providers' rights to disclose your Information

The kinds of CRB derived information that we usually derive from credit reports include information we develop based on credit reporting information about you we receive from a CRB which we use to generate an internal credit score and form a view on your credit worthiness in the course of assessing your credit application.

How we collect personal information and credit information

We collect personal information (including credit information) directly from you, such as through meetings with you in person, or via other contact methods such as by telephone, facsimile, e-mail and mail, or when you complete an application form, transact with us or provide further information through our website.

We may also collect personal information (including credit information) about you from other sources, such as:

We may collect, hold and disclose personal information about anindividual from third parties who have applied for a product or service, forexample:

that when you provide personal information about another person, you are authorised to do so and agree to inform that person of the contents of this Privacy and Credit Reporting Policy as it relates to them.

What are the purposes for which we collect, hold, use and disclose your personal information, credit information and credit eligibility information?

The Privacy Act allows us to disclose personal information about you whenrelated to the primary purpose for which it is collected.

We collect, hold, use and disclose your personal information (and where that information is credit information and/or credit eligibility information, your credit information and/or credit eligibility information) for the purposes of:

We may also disclose your credit information to a CRB in the following circumstances:

The information we might collect about you and disclose to one or more CRB may include:

Finally, we may disclose credit information we hold about you where required or permitted by law.

Privacy Consent

We may also collect, hold and disclose your personal information provided to us upon your consent, to our third-party partners and in accordance with the terms of our Privacy Consent which can be accessed here

Data Breaches

In accordance with the NDB, we are aware of our responsibilities to notify you in the event of a potential data breach that may cause serious harm to you.

While we will take all reasonable endeavours to secure your data, there is the possibility of unauthorised access to, unauthorised disclosure of, o rloss or modification of your personal information (including credit information) that we hold (data breach).

Under the NDB where we have reasonable grounds to believe that there has been a data breach, and that it is likely to cause serious harm to one or more individuals, we will: Where we suspect a data breach has occurred we will immediately conduct an investigation and if one is found will follow the above procedure.     For more information on the NBD scheme, please see https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme.

  1. (a)   notify the Office of Australian Information  Commissioner (OAIC) by way of theprescribed statement; and either:
  2. 1) notify all individuals whose personal information was part of the eligible data breach; or
  3. 2) notify only individuals at risk of serious harm from the eligible data breach; or
  4. 3) if the above isn’t practicable, publish a copy of the statement ourwebsite and take reasonable steps to publicise the contents of the statement.

Where we suspect a data breach has occurred we will immediately conduct an investigation and if one is found will follow the above procedure.    

For more information on the NBD scheme, please see https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme.

Overseas disclosures

As at 25 May 2018, the General Data Protection Regulation (GDPR)was introduced providing increased transparency for data protection for all businesses transferring data to the EU. While the GDPR and the Privacy Actshare some similarities, we are providing robust privacy policies and procedures for our staff and clients.  

Our business is operated only in Australia. However, in some cases your personal information may be disclosed to organisations overseas including without limitation the United States of America. In the event that you are located in the Europe Union, we acknowledge that any potential data breaches will be safe guarded by the provisions of GDPR.  

Overseas organisations may be required to disclose information shared with them under a foreign law. Your Information may be stored in cloud or other types of network or electronic storage and we will take reasonable stepsto ensure appropriate security arrangements are in place if this is the case.Such storage may be accessed from various countries by an internet connection hence it is not always possible to know in which country your Information maybe accessed or held.   

By using our websites, mobile apps, official media platforms or use of our services or products through us or our authorised third parties, you consent to your Information being transferred to other countries which have different data protection laws than Australia.  

Access and Correction of your information

Subjectto any applicable exceptions in the Privacy Act, where we hold personalinformation and credit eligibility information about you, you have a right tohave access to it.  Within a reasonableperiod after receiving a request from you, we will take reasonable steps toprovide you with access. An administrativefee may be payable for the provision of this information. We will advise you ofthe administrative fee payable by you prior to providing this information. Toobtain access to your information, please write to:

The Privacy Officer:PO BOX 2015, North Sydney NSW 2060, Australia or email us at privacy.officer@moneytech.com.au

We may require that you verify your identity before the credit eligibility information we hold is disclosed to you. We may refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act. If we do, we will write to you to let you know why your request has been denied or limited unless, having regards to the grounds for refusal, it would be unreasonable for us to do so.

If you believe that any personal, credit and/or credit eligibility information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at privacy.officer@moneytech.com.au.
If we are satisfied that the personal, credit and/or credit eligibility information about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take such steps (if any) as are reasonable in the circumstances to correct the information within 30 days or any such longer period you agree to in writing. If we consider it necessary in order to deal with your request we may consult with a CRB or another credit provider. If we do not agree with a request to correct information we will give you notice in writing as to our reasons and what you can do if you are not satisfied with our response.

Direct Marketing

We may use and disclose your personal information to inform you about products or services we think might be of interest to you. We may also disclose your personal information to our related bodies corporate and preferred providers(together referred to as the RelatedCompanies) so that they may inform you about products and services.  If you do not want to receive any information about products and services (supplied by us or the RelatedCompanies)  please notify us by emailing our Privacy Officer at privacy.officer@moneytech.com.au.

We will not sell, distribute or lease your Information to third parties unless we have your permission or are required by law to do so.  

Complaints

If you believe that we have not complied with our obligations under the APP(APP Complaint) orunder the credit reporting provisions of the Privacy Act or the CreditReporting Privacy Code (Credit RelatedComplaint) you should firstly let us know by emailing usat privacy.officer@moneytech.com.au setting out details of the breach.  

If you make a Credit Related Complaint, we will acknowledge your complaint within 7 days. Where, in relation to a Credit Related Complaint, we consider that it is necessary to speak to a CRB or a credit provider about your complaint, we will do so. 

We will, after investigating your complaint and within 30 days of your complaint(or such longer period as agreed), make a decision about the complaint and respond to you in writing.  Where your complaint is a Credit RelatedComplaint, our response will set out our decision and state that if you are not satisfied with the decision you may access a recognised external dispute resolution scheme of which we are a member. We are a member ofAustralian Financial Complaints Authority (AFCA).AFCA independently and impartially resolves disputes between consumers and participating members on matters including privacy. Alternatively, you may contact the OAIC in relation to both APP Complaints and Credit Related Complaints.

Thecontact details for AFCA are:
AustralianFinancial Complaints Authority
Mail:        GPO Box 3, Melbourne 3001
Phone:     1800 931 678 (free call)
Email:   info@afca.org.au
Website: www.afca.org.au 

The contact details for the OAIC are:
TheOffice of the Australian Information Commissioner
Mail: GPO Box 2999,
Canberra, ACT, 2601
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Website: www.oaic.gov.au  

Storage and Security

Your personal and credit information (and credit eligibility information) may be held in physical or electronic form on our systems or the systems of our service providers. We are committed to ensuring that this information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

No Information transmitted over the Internet can be guaranteed to be secure. We cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against un-authorised disclosures of information, we cannot assure you that information that we collect will not be disclosed in a manner that is inconsistent with this Privacy and Credit Reporting Policy.

Please notify us immediately if there is any unauthorised use of your account by any other Internet user or any other breach of security. For the purposes of viewing the Web site you may have a user name and password. You are responsible for the security and confidentiality of your password and log-in information.

Cookies & Web Beacons  

Where you visit our website, use or services or products for which we provide online, we may use cookies from time to time. Cookies are text files placed in your computer's browser to store your preferences.. However, once you choose to furnish us with personally identifiable information, this information may be linked to the data stored in the cookie. 

Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in noway gives us access to your computer or any personal identifiable information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.However, this may prevent you from taking full advantage of our website.

We may use web beacons on our website from time to time. Web beacons(also known as clear gifs) are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page.For example, web beacons can be used to count the users who visit a web page orto deliver a cookie to the browser of a visitor viewing that page.

Links to other websites

Our website may contain links to other websites of interest (ThirdParty Websites) and we may display content or information from other websites within frames on our website (Third Party Content).  We do not have any control over those ThirdParty Websites or the Third Party Content. We are not responsible for or liable for the handling, use, disclosure,  protection and/or privacy of any personal information which you provide or which has been collected whilst visiting ThirdParty Websites, and such websites are not governed by this Privacy and CreditReporting Policy.

Changes to the Privacy and Credit Reporting Policy

We may revise this Privacy and CreditReporting Policy from time to time by publishing it on our website and will be effective as from the publishing date. If you have any questions relating to this Privacy and Credit Reporting Policy please contract our Privacy Officer on1300 858 904 or privacy.officer@moneytech.com.au

Notifiable Matters

The law requires us to advise you or otherwise ensure that you are aware of certain ‘notifiable matters’. The CRB in which we use contain their own credit reporting policies outlining how they deal with your information. Such policies are outlined on their respective websites and via the details provided below:

Equifax Australia InformationServices and Solutions Pty Limited
Mail:       GPO Box 964, NORTH SYDNEY NSW 2059
Phone:     138 332 (free call)
Website:    https://www.equifax.com.au/  

A copy of Equifax's credit information managementpolicy may be obtained by contacting them at https://www.equifax.com.au/contact.

You should be aware of the following matters:

You are entitled to request that a CRB:

Contact details

If you would like more information about our approach to privacy, or if you wish to contact us regarding the information set out in this Privacy and CreditReporting Policy, please contact us:

In this Privacy and Credit Reporting Policy, “commercial credit”, “CP derived information”, “credit eligibility information”, “credit information”, “credit reporting body”, “credit reporting information”, “credit worthiness” and“personal information” have the meanings given to them in the Privacy Act.