Last updated 18th March, 2020
About this statement
We are committed to respecting the privacy of your personal information.
InnovateAccess Pty Ltd
MRG Custodians Pty Ltd
MRA Logistics Pty Ltd
The Gimmie Group Pty Ltd
The Hellogoodbye Group Pty Ltd
We are bound by the Privacy Act 1988 (Cth) (Privacy Act) including Division 3 of Part IIIA and the Australian Privacy Principles contained in the Privacy Act as well as the Credit Reporting Privacy Code (CR Code) and are committed to protecting personal information (including credit information and credit eligibility information) we may hold at any time in respect of any individual, in accordance with those requirements.
What is “personal information”?
“Personal information” is information or an opinion about a reasonably identifiable individual. The types of personal information that we may collect include the following information about you which is relevant to our relationship or the product or service you are enquiring about or making an application for: name, address, contact details, date of birth, financial details such as income, savings and expenses and information from other financial institutions, employment details and the reason you might be applying for a financial product we supply.
We may also collect information regarding your internet activity (including your location) when you use our website or online services.
“Sensitive information” is a subcategory of personal information which includes information about your health. We may be required to collect sensitive information about your health in certain circumstances, for example when you make an application for assistance with financial hardship caused by illness or injury. We realise that this is often sensitive information and we will treat it with the highest degree of security and confidentiality.
What is “credit eligibility information”?
“Credit eligibility information” is personal information that has been obtained from a credit reporting body (CRB) (e.g. a consumer credit report), or personal information that has been derived from that information, that is about an individual’s consumer credit worthiness.
The kind of information we might derive from a consumer credit report includes:
- information which assists us to assess your suitability for credit;
- information about your credit history with other credit providers; and
- the likelihood of you being able to meet your commitments to us.
What is “credit information”?
“Credit information” is certain types of personal information that includes the following:
- information about an individual, like their name and address, that we may use to identify that individual;
- information about an individual’s current or terminated consumer credit accounts and an individual’s repayment history;
- the type and amount of credit applied for in any previous consumer or commercial credit applications to any credit provider, where that credit provider has requested information;
- information about an individual from a CRB;
- information about consumer credit payments overdue for at least 60 days and for which collection action has started;
- advice that payments that were previously notified to a CRB as overdue are no longer overdue;
- information about new credit arrangements an individual may have made with a credit provider, in relation to consumer credit currently or previously held, to deal with any defaults or serious credit infringements by that individual;
- information about court judgments which relate to credit that an individual has obtained or applied for;
- information about an individual on the National Personal Insolvency Index;
- publicly available information about an individual’s credit worthiness; and
- an opinion of a credit provider that an individual has committed a serious credit infringement of credit provided by that credit provider.
We will hold all of this information about an applicant for credit or related person (e.g. a director of a company which has applied for credit).
Why do we collect personal information?
We collect your personal information so that we can consider any application for credit, establish and administer the financial product or service provided to you, provide services to you in relation to that product or service, perform administrative functions, conduct customer satisfaction research, improve our products and develop new products, collect overdue payments relating to credit you owe, so that we can tell you about other products and services and products and services you may be interested in, to assess and process of a job application submitted by you or to assess and process an application to become a franchisee submitted by you or to search or register any security.
In certain circumstances, we may also be required to collect sensitive information about your health, for example when you make an application for assistance with financial hardship caused by illness or injury. We may collect this information from the third parties, for example a doctor or a hospital.
Further, we may collect your personal information to comply with legislative and regulatory requirements, for example under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
How do we collect personal information?
We ordinarily collect personal information directly from you or where it is provided to us with your authority (e.g. from a person appointed to act on your behalf). For example, we collect personal information through forms you fill out when applying for our products and services or through your ongoing interaction with us for example by telephone, mail and electronic communications or when you make a transaction.
We may also be required to collect personal information (including credit information and credit eligibility information) about you from a third party. These parties may include other credit providers or financial institutions, your representatives such as financial advisers or accountants, your insurers, publicly available sources (e.g. telephone directories), brokers, referrers or other intermediaries, our corporate partners or agents, government agencies and CRBs. Sometimes we may be required to collect sensitive health information about you from a third party, for example a doctor or a hospital.
In addition to the above, we may use technology called “cookies” to collect statistical information on our website use. When you call us on the telephone, we may monitor and, in some cases, record the telephone conversation for staff training and record-keeping purposes. Further, when we communicate with you by email, we may use technology to identify you so that we will be in position to know when you have opened the email or clicked on a link in the email.
If personal information about you is collected by third parties on any website you have accessed through our websites, we may also collect or have access to that information as part of our arrangement with those third parties.
We may also collect basic personal information about third parties (e.g. an employer or a health provider) if provided by an you as part of providing our services.
Finally, from time to time we may receive information that we have not asked for about you from third parties. We will only keep, use and disclose this information as permitted by law.
How do we store personal information?
We store your personal information (including credit information and credit eligibility information) in a number of ways including:
- in electronic systems and devices;
- in telephone recordings;
- in paper files; and
- document retention services off-site.
This may include storage on our behalf by third party service providers. See our comments below about how we protect your personal information.
How do we protect personal information?
We take all reasonable steps to protect your personal information (including credit information and credit eligibility information) from misuse, loss and unauthorised access, modification or disclosure. These include:
- • using appropriate information technology and processes;
- restricting access to your personal information to our employees and those who perform services for us who need your personal information to do what we have engaged them to do;
- protecting paper documents from unauthorised access or use through security systems we deploy over our physical premises;
- using computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files;
- securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods; and
- requesting certain personal information from you when you wish to discuss any issues relating to the products and services, we provide to you.
Whilst we take reasonable measures, no data transmission over the Internet can be guaranteed as fully secure and accordingly, we cannot guarantee or warrant the security of any information you send to us using our online forms or products. You submit information over the Internet at your own risk.
Why do we exchange personal information with third parties?
We may need to disclose personal information (including credit information and credit eligibility information) about you to certain organisations in connection with the establishment and administration of your accounts.
The types of organisations to which we may disclose this information include our related bodies corporate, other credit providers (particularly when you are seeking finance from them), regulatory bodies and government agencies, courts and external dispute resolution schemes, your agents, brokers, referrers and other intermediaries, credit and debt agencies, payments systems participants, agents, contractors and professional advisers who assist us in providing our services, your referees as applicable (or prospective referees), your or our insurers, third parties for securitisation purposes and organisations that carry out functions on our behalf including mailing houses, data processors, researchers, debt collectors, system developers or testers, accountants, auditors, valuers and lawyers.
We may also disclose your personal information to third parties where you request us to or consent to us doing so or in order to fulfil our legal obligations.
The information we provide to other organisations will be limited to what is required to provide the service or comply with the law.
Exchange of information with overseas parties
Some of the parties with which we exchange your personal information, including our service providers and other third parties listed above, may be located outside Australia in countries including New Zealand.
Important information about the exchange of credit-related information with Credit Reporting Bodies (CRBs)
If you apply for credit, we may exchange certain credit-related personal information with CRBs.
The types of information we may disclose to CRBs may include that we provide credit to you, the type of credit you hold, the amount of credit provided to you, when your credit account is opened and closed, how you repay your credit, that you have made payments on time or corrected a default, the fact that you have failed to meet your repayment obligations or that you have committed a serious credit infringement. CRBs may include that information in reports provided to credit providers like us to assist them to assess your creditworthiness.
Under the Privacy Act, CRBs are also permitted to assist credit providers like us who wish to direct market to you by ensuring you meet certain specified criteria (called “pre-screening”). You have a right to request that CRBs not use your credit-related information for this purpose by contacting them using the details below.
You also have a right to request that a CRB not use or disclose your credit-related information if you believe that you have been a victim of fraud (including identity fraud) by contacting them using the details below.
The CRBs we exchange information with are:
• Illion Australia Pty Ltd (PO Box 7405, St Kilda Road, MELBOURNE Vic 3004 Email: [email protected], www.creditcheck.illion.com.au); or
• Equifax (PO Box 964, North Sydney, NSW 2059, Tel 138 332, www.mycreditfile.com.au).
From time to time we may also use your personal information to let you know about other products and services from us that you might be interested in. We might also want to let you know about products and services from our partners and other companies.
If you don’t want to receive advertising materials, please contact us on 1800 446 643.
Accessing and correcting personal information
We take reasonable steps to ensure that your personal information is accurate, complete and up to date.
You may request access to the personal information (including credit information and credit eligibility information) we hold about you at any time by contacting our Privacy Officer by:
• telephone on 1800 446 643
• online contact form at https://www.gimmie.com.au/about-us/customer-support
In certain circumstances, we may be unable to give you access to all of your personal information in our possession. Some of these circumstances include:
• where giving you access would compromise some other person’s privacy;
• where giving you access would disclose commercially sensitive information of ours or any of our agents or contractors;
• where we are prevented by law from giving you access; or
• where the personal information you request relates to existing or anticipated legal proceedings.
If we are unable to give you access, we will consider whether the use of an intermediary is appropriate and would allow sufficient access to meet the needs of both parties.
Where we do grant access to your information, we may charge you a fee for accessing your personal information.
Under the Privacy Act, you also have a right to request that we correct information (including credit information and credit eligibility information) that you believe to be inaccurate, out of date, incomplete, irrelevant or misleading.
If at any time you believe that personal information about you is inaccurate, out of date, incomplete, irrelevant or misleading, please advise us by contacting our Privacy Officer by:
• telephone on 1800 446 643
• online contact form at https://www.gimmie.com.au/about-us/customer-support If we don’t correct the information, you can also ask us to include with the information held, a statement from you claiming that the information is not correct.
If there is a denial of access to your personal information or a dispute as to the correctness of any personal information held, we will provide you with reasons for the denial or its refusal to correct the personal information. If you disagree with our decision for the denial or refusal to correct the personal information, you may request that we review the decision via our complaints handling procedures which are outlined below.
Dealing with us anonymously or using an alias
We will generally need to know who you are in order to provide you with our products and services.
Despite this, in some circumstances you are entitled to deal with us anonymously, or by using a pseudonym (alias), for example when making general enquiries about the services we offer.
You must tell us when you are using a pseudonym when applying for our services. If we need to identify you, we will tell you whether or not your real name is required to access those services.
Our internet websites
We are committed to resolving any complaint you may have. Complaints can be received in several different ways:
• in person
• by phone
• in writing
• via email
• via our website
Internal Dispute Resolution
If you have any complaint about how we collect, hold, use or disclose your personal information or you believe that we have failed to comply with relevant privacy law, please contact our Privacy Officer who will then follow our Privacy Internal Dispute Resolution process and respond to your complaint within fourteen (14) days.
Our Privacy Officer can be contacted at: The Privacy Officer, InnovateAccess Pty Ltd, Unit 1, 23 – 25 Burchill Street, Loganholme, Q. 4129; Tel 1800 446 643; Email: [email protected].
If you are not satisfied with our Privacy Internal Dispute Resolution process, you may refer your complaint to our External Dispute Resolution Scheme.
External Dispute Resolution
In the unlikely event that your complaint remains unresolved to your satisfaction through the internal procedures outlined above, you may elect to refer your complaint to external dispute resolution.
You can contact the Australia Financial Complaints Authority (AFCA) at:
Australia Financial Complaints Authority GPO Box 3
Melbourne VIC 3001
Phone: 1300 931 678
You may also elect to contact the Office of the Australian Information Commissioner (OAIC) if you have a complaint about the way we handle your personal information at:
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Email: [email protected]
If you have any further questions or concerns about the way we manage your personal information, including if you think we have breached the Australian Privacy Principles, Part IIIA of the Privacy Act or the CR Code please contact:
Phone 1800 446 643
InnovateAccess Pty Ltd
Unit 1, 23 – 25 Burchill Street, Loganholme, QLD 4129