Privacy Policy
Background
Causbrooks Finance recognizes the importance of your privacy and understands your concerns about the security of the personal information you provide to us. We are committed to protecting your privacy in accordance with the Australian Privacy Principles (“APPs”) as contained in the Privacy Act 1988 (Cth). The APPs detail how personal information may be collected, used, disclosed, stored, and destroyed, and how an individual may gain access to or make complaints about the personal information held about them. This policy explains how we manage your personal information.
What personal information we collect and hold
The kinds of personal information we collect from you depends on the services we provide to you. We collect and hold information that is reasonably necessary for our business functions and activities, which include mortgages, business finance, and SMSF lending. The kinds of personal information that we commonly collect and hold include:
- Your name
- Contact details, including address, phone number, and email address
- Financial information, such as income, assets, and liabilities
- Employment details
- Identification documents, such as driver's license or passport
- Information about your goals and objectives
How we collect and hold personal information
We collect personal information directly from you when you:
- Enquire about our services
- Apply for a loan
- Communicate with us via phone, email, or our website
We may also collect personal information from third parties, such as:
- Credit reporting agencies
- Lenders
- Referrers
We hold personal information in both electronic and paper formats. We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorized access, modification, or disclosure.
Why we collect, hold, use and disclose personal information
We collect, hold, use, and disclose your personal information for the following purposes:
- To assess your eligibility for a loan
- To provide you with our services
- To manage and administer your loan
- To comply with our legal and regulatory obligations
- To send you marketing communications
We may disclose your personal information to third parties, such as:
- Lenders
- Credit reporting agencies
- Insurers
- Our service providers
How we hold and store personal information
Your personal information is held and stored on paper, by electronic means or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure.
- Data held and stored on paper is stored in lockable filing cabinets within secure premises.
- Data held and stored electronically (including “in the Cloud”) is protected by designated password access to systems and internal and external firewalls. We also require our IT contractors and other third parties to implement privacy safeguards.
- Data stored or archived off-site is contained within secure facilities. We also require our storage contractors to implement privacy safeguards.
- Where we disclose personal information to third parties (including contractors and affiliated businesses located locally and overseas), our contractual arrangements with them include specific privacy requirements.
- Our staff receive regular training on privacy procedures.
Destruction and De-identification
We will retain your personal information whilst it is required for any of our firm’s functions, or for any other lawful purpose. We will also retain your personal information for the time periods required by law. We use secure methods to destroy or to permanently de-identify your personal information when it is no longer needed:
- Paper records are commonly sent for secure destruction. In some instances, paper records will be returned to you and/or relevant third parties.
- Electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
Data Breach
A data breach occurs when personal information that an entity holds is subject to unauthorised access or disclosure or is lost. Examples include:
- Paper records are commonly sent for secure destruction. In some instances, paper records will be returned to you and/or relevant third parties.
- Electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information.
- unauthorised access to personal information by an employee.
- inadvertent disclosure of personal information due to ‘human error’, for example an email sent to the wrong person.
- disclosure of an individual’s personal information to a scammer, as a result of inadequate identity verification procedures.
In the unlikely event of an ‘eligible data breach’ (where the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates), we will undertake the following steps (in accordance with our data breach response plan):
- Contain the data breach to prevent any further compromise of personal information.
- Assess the data breach by gathering the facts and evaluating the risks, including potential harm to affected individuals and, where possible, taking action to remediate any risk of harm.
- Notify the individuals, the Commissioner (if required) and other entities depending on the categories of information involved in the data breach.
- Review the incident and consider what actions can be taken to prevent future breaches.
Protecting children’s privacy
We understand the importance of protecting children’s privacy, especially in an online environment. In particular, our website is not intentionally designed for or directed at children under the age of 13. It is our policy to never knowingly collect or maintain information about anyone under the age of 13, except as part of a specific engagement to provide services which necessitates such personal information be collected.
Requests for access and correction
We have procedures in place for dealing with and responding to requests for access to, and correction of, the personal information held about you. We understand your rights to access and rectification and in most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the information as requested, we will give you written reasons why. For further information, please see our Privacy Access, Correction & Complaints brochure or contact us. To assist us to keep our records up-to-date, please notify us of any changes to your personal information.
Complaints and Concerns
We have procedures in place for dealing complaints and concerns about our practices in relation to the Privacy Act and the APPs. We will respond to your complaint in accordance with the relevant provisions of the APPs. For further information, please see our Privacy Access, Correction & Complaints brochure or contact us.
Contact
Privacy Officer
Causbrooks Finance
Suite 2 Level 3A, 1 Bligh Street SYDNEY NSW 2000
MAIL TO: GPO BOX 11, SYDNEY NSW 2001
PH. 02 8222 6100
FAX. 02 9222 1880
Email: privacyofficer@causbrooks.com.au
Causbrooks Finance
Suite 2 Level 3A, 1 Bligh Street SYDNEY NSW 2000
MAIL TO: GPO BOX 11, SYDNEY NSW 2001
PH. 02 8222 6100
FAX. 02 9222 1880
Email: privacyofficer@causbrooks.com.au
Privacy Policy Updates
This Privacy Policy is not a static document. We may, from time to time, make changes and updates to this Privacy Policy. The most current and up-to-date Privacy Policy will always appear on our website.
