CRS respects the privacy of individuals who have dealings with CRS, such as customers, suppliers and employees. CRS is bound by the Australian Privacy Principles, to the extent required by the Australian Privacy Principles (“APP’s”), Privacy Act 1988 (Cth) (“Privacy Act”), and the Credit Reporting Code (“CR Code”). The following policy outlines how CRS collects, uses and manages personal information
Why does CRS collect personal and sensitive information?
CRS is a supplier of debt collection. To operate our business, we need to collect some information about the people we deal with. Collecting personal information is also necessary in some circumstances to meet our legal obligations.
Who does CRS collect personal information about?
CRS collects and holds personal information about:
What kind of personal information does CRS collect and how does CRS collect it?
The type of information we collect varies, depending on the purpose, and may include (but is not limited to) name, address, contact details, employment information, credit information, credit eligibility information and marketing information.
This information may be obtained through the submission of completed forms, provided in person or by telephone by the individuals themselves, or information obtained from a third party such as a credit reporting body or another credit provider.
Where reasonable and practicable, we collect information directly from the individual. CRS may also collect information from other sources including publicly available information.
In all cases if we collect personal information about you from a third party, we will take reasonable steps to ensure that you are made aware of the collection.
CRS also collects a range of credit information about individuals, including the following:
CRS usually collects this information from application forms submitted by applicants for commercial credit, from publicly available sources of information and on individual’s representative sources (e.g. spouse, professional adviser or a referee nominated by the individual).
How does CRS use personal information and to whom may we disclose it?
In general, CRS uses personal information to:
Depending on the product or service provided, personal information may be disclosed to:
We also collect, hold, use and disclose credit information and credit eligibility information about individuals to:
If you do not provide information about yourself that CRS has requested, CRS may not be able to provide you with the relevant product or service.
Credit-Related Personal information
CRS sometimes provides products and services to customers on credit. As a consequence, CRS does in some cases handle certain consumer credit-related personal information described below, including information from credit reporting bodies (“CRBs”):
This information may include information about an individual’s arrangements with other credit providers as well as with CRS. CRS may disclose credit-related personal information to CRBs to assist the CRBs to maintain information about individuals to provide to other credit providers for credit assessments. CRS may collect credit-related personal information from CRBs for purposes including, to the extent permitted by law, to assess relevant credit or guarantee applications, manage and review the credit or guarantee, assign debts, collect overdue payments and produce assessments and ratings in respect of the individual’s credit worthiness. CRS may also exchange credit-related personal information with guarantors, debt buyers and other credit providers.
Under the Privacy Act, individuals may request CRBs not to:
How do we treat sensitive information?
The Privacy Act defines 'sensitive information’ as (among other things) information about a person's racial or ethnic origin, religion, membership of political bodies, trade union or other professional or trade association, sexual preferences or practices, criminal record or health. Sometimes it may be necessary for CRS to collect sensitive information.
If you provide CRS with sensitive information, it is our policy that this information will be used and disclosed only for the purpose for which it was provided or another directly related purpose, unless you agree otherwise, or unless use or disclosure of this information is allowed by law.
The way we use tax file numbers and information received from a credit reporting body about an individual is also restricted by law.
How do we manage personal information?
CRS trains its employees who handle personal information to respect the confidentiality of that information and the privacy of individuals.
How do we store personal information?
CRS is required by the APPs and Part IIIA of the Privacy Act to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. CRS stores personal information at its own premises with the assistance of its service providers. CRS maintains strict procedures and standards and takes a range of steps to prevent unauthorised access to or, disclosure of , personal information and protect an individual’s information from misuse or loss. Once an individual’s information is no longer needed by CRS reasonable steps are taken to destroy or de-identify it.
How do we keep personal information accurate and up-to-date?
CRS seeks to ensure that the personal information it holds is accurate, complete and up-to-date. We realise that this information changes frequently with changes of address and other personal circumstances. We encourage you to contact CRS as soon as possible in order to update any personal information we hold about you. Our contact details are set out below.
Can you access and correct the personal information we hold about you?
You may obtain access to, and correct, any personal information which CRS holds about you (including credit eligibility information), unless one of the exceptions in the Privacy Act applies.
To make a request to access information CRS holds about you, please contact CRS in writing using the details listed below. CRS will require you to verify your identity and to specify what information you require. CRS may charge a reasonable fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
If you seek access to credit eligibility information that we hold about you, we will Endeavour to provide you with access within 30 days of your request (unless unusual circumstances apply). In order to ensure that you have access to the most up-to-date information, you should also request access to the credit reporting information held by credit reporting bodies about you.
Requests to correct credit information and credit eligibility information will be assessed on a case-by-case basis.
If we are satisfied that the personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct the information within 30 days of your request, or such longer period as agreed with you in writing. In certain circumstances, we may need to consult with a credit reporting body or another credit provider to determine the accuracy or otherwise of the information.
If we correct personal information about you, we will give you written notice of the correction within a reasonable time period. We will also notify you in writing if we decide not to correct the information in accordance with the requirements of the Privacy Act.
What if you have a complaint?
Please specify the nature of your complaint in writing.
If your complaint relates to an alleged contravention of the credit reporting provisions or the CR Code, we will acknowledge your complaint in writing within 7 days and advise you as to how we will deal with it. After investigating the complaint, we will make a decision within 30 days of the complaint being made (or such longer period as agreed with you in writing) and notify you in writing of our decision.
Please note that if you wish to make a complaint about our handling of an access and/or correction request, you may complain directly to the Office of the Australian Information Commissioner (OAIC).
CRS Privacy Officer
PO BOX 453
Blacktown NSW 2148
Telephone: 1300 217 720
If you are not satisfied with our response to your complaint, you may escalate your complaint to the OAIC by calling 1300 363 992 or emailing firstname.lastname@example.org.
Updates to this policy