‘We’, ‘us’ and ‘our’ refer to Ezfunds Holding Pty Ltd (ABN 32 662 894 297, Credit Representative 550067).
This Policy applies to Ezfunds Holding Pty Ltd and all our Credit Representatives/Authorised Representatives (Representatives) and their staff. The privacy of your personal information is important to us. We are committed to respecting your right to privacy and protecting your personal information. We are bound by the National Privacy Principles in the Privacy Act 1988. Our staff and Representatives are trained to respect your privacy in accordance with our standards, policies and procedures
We receive services to support the broking services we give you. We receive mortgage aggregation services from Finsure Finance and Insurance Pty Ltd (ABN 72 068 153 926, Australian Credit Licence Number 384704). Sometimes they collect personal information about customers to manage customer enquiries or complaints, commission payments or file reviews. If you want to find out how they manage your personal information, please click on the link below:
If you have any questions about this, please do not hesitate to contact us.
Why we collect personal information
We will collect and hold your personal information for the purposes of:
- assessing your application for finance and managing that finance;
- letting you know about our other products and services;
- direct marketing;
- managing our relationship with you;
- when you apply to join our network; and
to comply with any associated legal or regulatory obligations imposed by regulators including those under anti-money laundering and counter-terrorism financing laws or laws relating to comprehensive consumer credit reporting.
Information we collect from you
We collect information about you and your interactions with us. The type of personal information we may ask you to provide to us includes but is not limited to:
- personal and contact details such as your name, phone number, residential or postal address, email address and date of birth;
- documentary evidence to verify your identity such as a certified copy of your driver’s licence, passport, birth certificate, citizenship and marriage certificates;
- Australian Governance related identifiers and identity documents such as your Tax File Number and country of tax residency;
- financial details such as details of your employment, income, assets, financial liabilities;
- information we need to provide our services to you such as your bank account details; and
- credit information such as a credit check. See ‘Credit Information‘ below for more information.
If you are applying for finance we may also collect the ages and number of your dependants and cohabitants, the length of time at your current address, your employment details and proof of earnings and expenses. If you apply for any insurance product through us we may also collect your health information. We will only collect health information from you with your consent.
We do not collect sensitive information (your political or religious beliefs, ethnic background etc.).
Information we collect from others
We may collect information about you in addition to what you voluntarily provide to us in order to comply with relevant laws and regulations.
If you apply for credit, we may obtain a credit report from a credit reporting body. We may also collect information about you that has been made available by third parties who are permitted to provide your data
How your personal information is collected
The personal information we collect about you comes primarily from you. We may also collect information about you in addition to what you voluntarily provide to us from you or other sources such as from finance brokers and other third parties such as accountants and lawyers.
Wherever there is a legal requirement for us to ask for information about you, we will inform you of the obligation and the consequences of not giving us the requested information. For example, in addition to obtaining personal information from you when you acquire a new product or service from us, we will need to obtain certain documentary evidence from you as to your identity. Such evidence may include items such as a certified copy of your driver’s licence, passport or birth certificate. We may also collect your personal information by using electronic verification services or searching publicly available sources of information such as public registers.
We will not collect any personal information about you except where you have knowingly provided that information to us or where we believe that you have authorised a third party to provide that information to us. Any information collected from publicly available sources will be protected in the same way as the information you voluntarily disclose.
If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us, that the other person has consented to you providing us with the information, and that we can collect, use and disclose that information as set out in this Policy without having to take any further steps required under law (such as obtaining consent directly from that person). This means that if you provide us with personal information about someone else, you must make sure that the individual concerned understands the matters set out in this Policy and has provided their consent to be bound by this Policy.
Credit information is information which is used to assess your eligibility to be provided with finance and may include any finance that you have outstanding, your repayment history in respect of those loans, and any defaults. This information is also relevant if you are joining our network.
We will only collect sensitive information about you with your consent. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health.
We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising and dealing with you.
Unsolicited personal information
We don’t usually collect unsolicited personal information. Where we receive unsolicited personal information, we’ll determine whether or not it would have been permissible to collect that personal information if it had been solicited. If we determine that collection would not have been permissible, to the extent permitted by law, we’ll destroy or de-identify that personal information as soon as practicable.ing
Dealing with us anonymously
In general, you can visit our website without telling us who you are or revealing any personal information about yourself. Our web servers collect the domain names, not the email addresses, of visitors. However, if a request is made to be dealt with anonymously yet we are required or authorised by law to deal with identified individuals, we will notify you of this.
How do we use and disclose your personal information?
We only use and hold your personal information:
- for the purpose of assessing your application for finance and managing that finance;
- for the purpose of providing you with the financial product you have sought from us;
- if you are applying to join our network;
- for employment with us, to assess, process and manage your application for employment;
- to handle any complaints that you may have;
- any other purpose permitted under the Privacy Act;
- any other purpose you have consented to; and
- any other permitted purpose set out in this Policy such as direct marketing.
The types of external organisations which we often disclose your personal information include:
- any prospective funders or other intermediaries in relation to your finance requirements;
- other organisations that are involved in managing or administering your finance such as third-party suppliers, printing and postal services, call centres;
- associated businesses that may want to market products to you;
- companies that provide information and infrastructure systems to us;
- anybody who represents you, such as finance brokers, lawyers and accountants;
- anyone, where you have provided us consent;
- where we are required to do so by law, such as under the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth);
- investors, agents or advisers, or any entity that has an interest in our business;
- your employer, referees or identity verification services; and
- overseas entities that provide support functions to us.
You consent to us disclosing your information to such entities (and allowing such entities to use your personal information to provide their services) without obtaining your consent on a case-by-case basis.
We may also disclose your personal information where it is:
- necessary to provide our products or services to you or undertake operations relating to these products and services (such as to our employees, business partners, suppliers and service providers, professional advisers);
- to carry out promotions or other activities you have requested or for direct marketing purposes (unless you have opted-out of direct marketing communications);
- required by law (such as to the Australian Securities and Investments Commission or AUSTRAC);
- authorised by law (such as where we are obliged to disclose information in the public interest or to protect our interests);
- required to assist in law enforcement (such as to a police force);
- any successors in title to our business (including new business partners or owners; and
- with your consent (express or implied), other entities.
The above entities may in turn disclose your personal information to other entities as described in their respective privacy policies or notices.
From time to time, Finsure Finance and Insurance Pty Ltd may also use your personal information to tell you about products and services they think may be of interest and value to you, changes to their organisation, or new products or services being offered by them or any company with whom they are associated, but they will stop if you tell them to.
They may contact you by various means, including by mail, telephone, email, SMS or other electronic means such as through social media or targeted advertising through their website or online services.
If you do not want to receive direct marketing from Finsure, you can opt-out by writing to them at [email protected]. If the direct marketing is by email, you may also use the unsubscribe function. They will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.
Keeping your personal information accurate and up-to-date
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. We will take reasonable steps to make sure this is the case. This way we can provide you with better service. If you believe your personal information is not accurate, complete or up to date, please contact us. If we refuse to correct your personal information we will provide you with our reasons within 30 days.
Protecting your personal information
We will take reasonable steps to protect your personal information from misuse, interference, loss and unauthorised access, modification or disclosure. Personal information is stored in electronic form.
We have implemented policies, procedures and systems to keep your personal information secure. In addition, we limit access to the personal information we hold to employees with a legitimate need to use it consistent with the purpose for which the information was collected, for any other matters related to that purpose that you would reasonably expect and other permitted purposes set out in this Policy such as direct marketing.
When your personal information is no longer required, we will take reasonable steps to destroy, delete or de-identify your personal information in a secure manner. However, we may sometimes be required by law to retain certain information, for example, under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) or the Archives Act 1983 (Cth).
We may use cloud storage to store personal information we hold about you. The cloud storage and the IT servers may be located outside Australia.
Your privacy on the Internet
We take care to ensure that the personal information you give us on our website is protected. For example, our website has electronic security systems in place including the use of firewalls. User identifiers, passwords or other access codes may also be used to control access to your personal information.
We compile and categorise a list of our followers on social media platforms. We also receive aggregate, non-personalised statistics on our coverage in social media.
Links to Other Sites
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
Depending on the type of service or product we provide to you, your personal information may be disclosed to our associated entities, contractors and unaffiliated service providers located in other overseas jurisdictions such as the Philippines. The overseas jurisdictions that your personal information is subject to cross border disclosure may change from time to time.
Where Finsure Finance and Insurance Pty Ltd discloses your personal information to an overseas recipient, Finsure Finance and Insurance Pty Ltd will take reasonable steps to ensure the overseas recipients are carefully chosen and comply with this Policy.
Overseas recipients may not be subject to privacy obligations equivalent to those under the Privacy Act and could be compelled by foreign law to make disclosure of the information.
Gaining access to your personal information
You can gain access to your personal information. This is subject to some exceptions allowed by law.
We may refuse to provide you with access, such as where the information relates to existing or anticipated legal proceedings, if the request is vexatious or if the information is commercially sensitive. If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint.
We ask that you provide your request for access in writing (for security reasons) and we will provide you with access to that personal information.
We will provide you access within 30 days if it is reasonable and practicable to do so, but in some circumstances, it may take longer (for example, if we need to contact other entities to properly investigate your request).
We do not usually charge you for access to your personal information. However, if the request is complex, we may charge you the marginal cost of providing the access, such as staff costs of locating and collating information or copying costs. If charges are applicable in providing access to you, we will disclose these charges to you prior to providing you with the information.
Lodging a Question or Complaint
If you have a question or a complaint about how we have handled your personal information, please contact us using the contact details provided at the end of this Policy.
The Privacy Officer will acknowledge the receipt of your complaint as promptly as possible after we receive your complaint. We will endeavour to investigate and resolve your complaint within 30 calendar days. If you are unsatisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner.
Notifying you of certain data breaches
A data breach occurs when personal information held by us is lost or subjected to unauthorised access or disclosure. If we suspect or know of a data breach, we will take immediate steps to limit any further access or distribution of the affected personal information or the possible compromise of other information.
When we have reasonable grounds to believe that a data breach is likely to result in serious harm – for example identity theft, significant financial loss or threats to physical safety we will notify individuals at likely risk as soon as practicable and make recommendations about the steps they should take in response to the data breach. We will also notify the Office of the Australian Information Commissioner.
Notifications will be made using our usual method of communicating with you such as by a telephone call, email, SMS, physical mail, social media post, or in-person conversation. If we are unable to contact you, (or your nominated intermediary) by any of the above methods we will publish a statement on the front page of our website and place a public notice on our reception desk.
Changes to this Policy
Resolving your privacy concerns
If you are not satisfied with the outcome of your complaint, you are entitled to contact the following entities:
You can learn more about the Privacy Act and your rights at www.privacy.gov.au
(For other concerns, compliments or complaints visit Compliments and Concerns)