Commercial Credit Control Privacy Policy
Updated as of March 2024
We are committed to respecting the privacy of your personal information including credit-related personal information. This privacy policy gives you information about how we collect, store and manage your personal information that you might give us in the course of dealing with us. In this Policy, we use the terms “us”, “we” and “our” to refer to the Investors Central Limited ABN 34 143 097 385, Fin One Pty Ltd ABN 80 139 719 903, Finance One Commercial Pty Ltd ABN 18 634 900 548, Fin One Services ABN 94 654 881 160, Strategic Collections Pty Ltd ABN 30 141 566 403, SC Loan Solutions ABN 30 141 566 403 and Commercial Credit Control Pty Ltd ABN 21 072 640 601. We are bound by the Privacy Act 1988 (Cth) and the Australia Privacy Principles contained in the Act as well as the Privacy (Credit Reporting) Code 2014.
Personal information is information or an opinion about a reasonably identifiable individual. The personal information we collect from you and hold will vary depending on how we have contact with you.
When you visit our website, we may collect and store information about your visit including:
- the domain name and IP address of the computer from which you accessed the Internet;
- the date and time you accessed the website;
- the internet address of the website from which you linked directly to our website; and
- the pages you accessed while visiting the website.
We may also collect your email address through the use of websites, software and internet tracking devices such as cookies, anonymous identifiers and session variables.
As a result of dealing further with us, including by telephone, whether as a customer, guarantor, contractor, supplier or service provider, we may collect and store personal information from you such as:
- your name and date of birth;
- your address, previous addresses and how long you have lived at those addresses;
- other contact details such as social media handles;
- identification information such as your drivers’ licence number or passport details;
- your employer, previous employers and how long you have been in such employment;
- your bank account details;
- information contained in credit reports obtained from credit reporting bodies, which includes information about your credit history with other credit providers;
- information about your current facilities with other credit providers;
- your email address;
- your telephone numbers; and
- the details of any references you supply, including the names and addresses of your referees.
You may have the option to use a name other than your real name (a pseudonym) when making general inquiries with us. You are not required to provide us with your name or any personal information if you do not wish to. However, to go beyond making general inquiries you will not be able to remain anonymous. Before providing you with any specific information or offering credit we are required to identify you. We are not permitted by law to provide you with credit without obtaining proof of your identity.
You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether or not your real name is required to access those services.
As far as practicable, we collect your personal information directly from you or from persons acting on your behalf, including when you complete our forms, call or email us or in our ongoing dealings with you. For example, we will collect information internally from your transactions in connection with credit, such as when you make payments to us.
We may collect your personal information from the recording of telephone calls. It is our practice to record telephone calls for quality assurance and staff training purposes. You may request that a call not be recorded when you telephone us. Call recordings are stored securely, with restricted access, and are deleted after 31 days.
We may also collect personal information about you from publicly available sources, and in some cases, from third parties including:
- a credit reporting body;
- someone authorised by you, such as an agent, broker, accountant, solicitor, financial counsellor, introducer or guarantor;
- a referee;
- an employer;
- a government body;
- another financial institution;
- a professional or trade association or trade union;
- an approved gateway service provider of the Document Verification Service (e.g., Vix Verify Pty Ltd); and
- our agents.
We may collect personal information about you from your visit to our website through the use of technologies such as anonymous identifiers, session variables, and cookies, including Google Analytics. A cookie is a small piece of data which is sent from a web server to a web browser on your machine or device when your browser visits our website, to help remember your preferences. The cookies are stored on your machine or device as historical identifiers only and cannot do anything to your machine. The cookies used by us cannot determine your email address or anything about your computer or device. The use of cookies may help us to identify the pages you access and the prior site you visited. The technology that may collect personal information about you from your visit to our website, is used to collect information about how you interact with our website and allow us to remember you. This information may include your internet protocol address, date and time of visit, pages viewed, and how you navigate our website. We use this information in order to improve and customise your browsing experience and for analytics and metrics about our visitors both on this website and other media. We may share data collected through this method with third parties to provide you with relevant advertising when browsing third-party networks and websites, such as Google. You may be able to set your internet web browser to block or limit cookies. Some features of our website may not work as efficiently or at all if you have done so. You can also find out more about how Google uses data and how you can control information sent to Google at www.google.com/policies/privacy/partners. Information about how you can opt out of Google Analytics can be found at https://tools.google.com/dlpage/gaoptout.
To secure your personal information and protect it from unauthorised disclosure we:
- maintain a secure environment for storage of information in both hard copy and electronic form;
- securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods;
- use technology such as encryption and password protection to secure any information kept in electronic form; and
- only permit access to such information to authorised personnel only.
We may collect, hold, use and disclose your personal information to:
- provide you with our products or services, or those of related entities and affiliated product and service providers;
- collect any debt or otherwise enforce any rights, whether by court proceedings or otherwise arising under your credit contract
- manage your credit contract, which may involve the use of external service providers;
- consider any application for variation of your repayments, whether or not on the grounds of hardship;
- manage complaints and disputes;
- meet our legal requirements, including those under Australian privacy, Anti-Money Laundering and Counter-Terrorism Financing and other laws, regulations or codes that bind us;
- assist other credit providers with the same purposes as permitted by Australian privacy law, such as by disclosing credit information to them with your consent or where you have committed a serious credit infringement;
- communicate with you, by way of direct marketing, information about our products and services. If you do not wish us to do so, you can opt out of such communication by informing us in person, by telephone, by post or by email;
- allow us to run our business and perform administrative and operational tasks (such as training staff, risk management; developing and marketing products and services, undertaking planning, research and statistical analysis; credit scoring, collecting debts and systems development and testing);
- search and/or register any Personal Property Securities; and
- otherwise communicate with you for the purposes outlined above.
We will share your personal information with all companies and subsidiaries that form part of Commercial Credit Control (the Group). If one company within the Group collects your personal information, other companies within the Group may use and disclose your personal information for the purposes described within this Policy in accordance with any products and services they may provide you.
We may disclose your personal information to third parties outside of the Group, including:
- insurance and their advisers and service providers;
- other financial institutions, such as banks, as well as guarantors of your facility;
- organisations involved in debt collecting, including purchasers of debt;
- fraud reporting agencies (including organisations that assist with fraud investigations) and organisations established to detect, identify, investigate and/or prevent suspected or actual fraudulent or other criminal activity or serious misconduct;
- service providers that assist with fraud detection and prevention;
- organisations involved in registering a security property or which otherwise have an interest in such property;
- service providers that maintain, review and develop our business systems, procedures and technology infrastructure, including testing or upgrading our computer systems;
- payments systems organisations including merchants, payment organisations and organisations that produce cards, cheque books or statements for us;
- organisations that assist with our product planning, analytics, research and development;
- other organisations involved in our normal business practices, including our agents and contractors, as well as our accountants, auditors or lawyers and other external advisers (e.g. consultants and any independent customer advocates);
- government or regulatory bodies (including the Australian Securities and Investment Commission and the Australian Tax Office) as required or authorised by law (in some instances these bodies may share it with relevant foreign authorities);
- where you have given your consent or at your request, including to your representatives, advisors, translators or (if you are experiencing vulnerability) other nominated assistance parties;
- to State or Territory Government bodies, where the disclosure is required by law or reasonably necessary to protect public health and safety or the health and safety of any individual.
From time to time we may use your personal information to let you know about other products and services from us that you might be interested in, but we will not do so if you tell us not to. We might also want to let you know about products and services from our related companies and partners.
If you do not want to receive advertising materials, please contact us on 1300 137 303.
We may store your personal information, (including credit information) in cloud or other types of networked or electronic systems. If your information is stored this way, disclosures may occur with entities located outside of Australia, including data hosting and other IT service providers located in the United States of America and Germany. We may also send your personal information (including credit information) to The Philippines, where we have outsourced a functions or activity to a service provider in that country.
We take reasonable steps to ensure that your personal information (including credit information and credit eligibility information) is accurate, complete and up to date.
You may request access to your personal information held by us by identifying yourself by telephone, by post or by attaching scanned documents to an email and sending your request for access to us at:
Mail: Privacy Officer
Commercial Credit Control PO Box 93, Varsity Lakes, QLD 4227
Phone: 1300 949 457
Email: [email protected].
If we are unable to grant you access to your personal information, we will give you our reasons in writing within a reasonable time. These may include where providing the information to you may:
- compromise some other person’s privacy;
- pose a threat to the health or safety of another person;
- not be permitted by law; or
- reveal internal information of a commercially sensitive nature which is not required to be disclosed to you by Australian privacy law.
Where we do grant access to your information, we may charge you a fee for accessing your personal information.
Under the Privacy Act, you also have a right to request that we correct information that you believe to be inaccurate, out of date, incomplete, irrelevant or misleading. If at any time you believe any personal information which we hold about you is incorrect, please advise us by contacting our Privacy Officer at:
Mail: Privacy Officer
Commercial Credit Control PO Box 93, Varsity Lakes, QLD 4227
Phone: 1300 949 457
Email: [email protected].
If we cannot agree to the change to the information which you have requested, we will give you reasons in writing. If you disagree with our decision for the denial or refusal to correct information, you may request that we review the decision via our complaints handling process.
If you are not satisfied with the reasons referred to above or otherwise have any concerns about how we collect, hold, use or disclose your personal information, please contact our Privacy Officer who will then follow our Privacy Internal Dispute Resolution process. Our Privacy Officer can be contacted on
Mail: Privacy Officer
Commercial Credit Control PO Box 93, Varsity Lakes, QLD 4227
Phone: 1300 949 457
Email: [email protected].
If you are not satisfied with our Privacy Internal Dispute Resolution process, you may refer your complaint to the Office of the Australian Information Commissioner:
Mail: Office of the Australian Privacy Commissioner,
GPO Box 5218, Sydney NSW 2001
Online: www.oaic.gov.au
Email: [email protected]
Phone: 1300 363 992 (free call)
This statement sets out our current Privacy Policy. It replaces all previous Privacy Policies which have been issued before the date of this Privacy Policy.
From time to time, we may make changes to this Privacy Policy because of changes to the law, technology, or our systems. We will provide notice of such changes on our website. Where the changes may affect you in a particular way, and you have a credit contract with us, we will notify you if required by Australian privacy law. You may request a hard copy of this Privacy Policy by contacting us.
Commercial Credit Control is PCI DSS Certified (Classed as a Service Provider Level 2).