1. Personal Information we collect
The Personal Information we collect from or about individuals, is the information that is reasonably necessary for our business purposes, including providing credit reporting services to our customers (such as Credit Providers, Utilities, Telcos and other service providers). We may collect a significant amount of Personal Information from or about an individual including their:
- date of birth;
- driver’s licence number;
- marital status;
- phone number/s;
- email address/es;
- residential / business / postal address;
- residence type;
- employment history;
- banking credentials;
- banking or other financial transaction data; and
- credit information, including repayment information.
We do not have a need to collect sensitive information (such as race, religion, ethnicity, health information, criminal record, sexual orientation, trade union memberships etc.) so will not collect this information. We might, in limited circumstances, utilize biometric information for identification verification purposes but will only do so when expressly authorized by the individual concerned.
2. How we collect and hold Personal Information
As a provider of information services the information we collect is predominantly in a digital format.
We are serious about the security of the information we collect. To protect this information we employ contractual and administrative steps to ensure that this information is protected against any unauthorised access, disclosure or misuse. In addition to this we also utilise significant technology solutions to protect against unauthorised access or disclosure.
All our employees undertake training in handling information, with particular emphasis on protecting the personal information of individuals. We limit physical and digital access to our premises and computer networks to those that require such access.
We collect information from our customers, from individuals, third party service/data providers, Court records, publicly accessible databases, surveys or authorised parties.
We also may collect Personal Information about our customers, or employees or officers of our customers and prospective job applicants, so that we can meet internal operational requirements, complete business transactions, conduct research, deliver products and services, administer accounts, provide customer support or meet regulatory requirements.
3. Purpose of collection, holding, using and disclosing Personal Information
We collect, hold, use and disclose Personal Information in order to operate our business, including providing services to our customers and individuals. Some of the most common purposes for this will be:
- assisting our customers in assessing applications for personal or business related credit;
- assisting individuals and businesses in understanding their credit worthiness;
- assisting individuals and businesses in obtaining credit;
- for identity verification purposes for individuals and businesses;
- managing our relationship with individuals and our customers;
- ensuring Personal Information is accurate and up to date;
- assisting our customers in debt management and debt recovery;
- assisting our customers in risk management;
- for audit and record keeping purposes and to comply with our legal and regulatory obligations;
- processing and managing applications to work with us;
- for analytics, product development, research and benchmarking;
- to include in one or more of our databases so that we can provide it to our customers as part of the product or service they select;
- sharing with our group companies, affiliates and partners who will collect, hold, use and disclose Personal Information shared with them by us to create and sell risk analysis and other information products; and
- to assist our customers to identify products and services and special offers that might be of interest to individuals and businesses (limited to Marketing Services only).
While this list is not exhaustive, any purposes outside of this list will be consistent with those permitted under privacy laws.
We also use aggregated, de-identified information (this information is not Personal Information as it does not identify any individual/s) for research, analysis and product development. This non-personal information may be incorporated into products and services provided to our customers for their business use.
4. Accessing and correcting Personal Information
Under privacy laws, an individual has the right to access and request correction of any Personal Information we hold about them. We also recognise the accuracy of the Personal Information we hold about an individual is critical to our business so encourage individuals to correct any errors where they exist.
To access Personal Information we have established the Public Access Centre with the following contact points:
While we take reasonable steps to ensure that the Personal Information held by us is accurate and up to date, we generally rely on our customers, data suppliers and individuals to inform us if the information we hold is inaccurate or incomplete.
Once Personal Information is provided it is important that any errors are corrected, these should be raised through the Public Access Centre on the details above or complete and return this Correction Request form.
5. Making a complaint
While we aim to address matters quickly and efficiently we understand there are times when things may go wrong and an individual may want to make a complaint.
To make a complaint it may be beneficial to complete the Online Form to ensure all relevant information is available, otherwise please speak with us on the contact number above. Alternatively it may be helpful to click here to complete a Complaint Lodgement Form and return it to:
- Attention to: Privacy Complaints
Company: illion Australia
Postal Address: PO Box 7405
St Kilda Rd Melbourne VIC 3004
Fax: (03) 9828 3118
- Attention to: Privacy Complaints
Company: illion New Zealand
Postal Address: PO Box 9589
Newmarket, Auckland 1031
Fax: (09) 309 2050
As per our complaint handling policy we will address complaints as quickly and efficiently as possible, at a minimum we will acknowledge receipt of a complaint within five business days and commit to investigating the complaint and providing a response within 30 days, provided that we have access to all necessary information. In cases where further information, assessment or investigation is required, we will seek to agree on an acceptable alternative time frame.
If a privacy related complaint continues to be unresolved there may be the option to escalate the matter to an external body. If the matter relates to privacy this could be to the:
- Office of the Australian Information Commissioner (Australia) or
- Office of the Privacy Commissioner (New Zealand).
If the matter relates to illion’s Australian Consumer Credit Bureau (illion Data Registries Pty Ltd) the matter could be referred to the:
- Australian Financial Complaints Authority (AFCA).
6. Disclosure of information overseas
Our businesses operate across Australia and New Zealand. Australia and New Zealand privacy laws are substantially similar. If we disclose information to our related companies as part of our internal operations, we will comply with Australian law in respect of Australian information and New Zealand law in respect of New Zealand information.
Information about individuals that is only permitted to be collected by a credit reporting body (Australia) is only shared with entities that have an Australian link (for more information please refer to the Australian Credit Reporting Policy).
While our customers are generally local entities they may have operations overseas, this means we are unaware of what information our customers may disclose overseas. If information is supplied overseas we will take steps to ensure our customers continue to protect this in line with Australian and New Zealand privacy laws. Unfortunately, it is not possible to identify those countries where our customers may allow their information to be disclosed to, or accessed from.
In supplying our services we may utilise service providers, resources, and cloud based processes located outside of Australia or New Zealand. We use reputable service providers and ensure they have appropriate controls and contractual obligations relating to security of data.
We have access to, and supply global businesses with information relating to local and global businesses, this may include limited Personal Information relating to the officers of the relevant businesses. It is not possible to list those countries in which this information may be accessible.
We may use technology known as a “cookie” to collect statistical information about you when you visit the illion Site or use any of our products or services. Cookies are small pieces of information captured when your device is used to access online content. They can record information about your visit to the illion Site, allowing it to remember you the next time you visit and provide a more meaningful experience.
From time to time we may collect, use, store and disclose non-identifiable information relating to your use of the illion Site or any our websites or any of our products or services. For example, we may record information such as the areas of the illion Site that you visit along with the time, date and URL of the pages you access, the device you access the illion Site from, your IP address and/or the previous website that you visited before linking to the illion Site. We normally use this information in the aggregate to administer and improve our web site, and monitor proper website usage.
8. Direct Marketing
We do not use or allow Personal Information that is Credit Reporting Information (in Australia) or Credit Information (in New Zealand) to be used for Direct Marketing; this is not permissible by law (for more information on the use of Credit Reporting Information please refer to our Australian Credit Reporting Policy or the Summary of Rights for New Zealand).
As part of our product offerings to our customers, we have developed a marketing database that is used by our customers to supply information regarding products or services that may be of interest to individuals and or businesses. This database includes Personal Information that is obtained from publicly available data, surveys, competitions and other data supply companies.
lf an individual does not wish to receive marketing information they may at any time unsubscribe from receiving such information by responding via the channel in which they received the marketing communication.
If an individual does not wish for us to use their Personal Information for marketing purposes they are able to opt out by using this opt-out tool (Unsubscribe).
It is important to note that the opt-out request is limited to marketing material; we may still send you non-marketing information when required.
9. Contact Us
A copy of this Policy, including updates, is available at any time via our website www.illion.com.au under the Privacy link. If a printed copy is required this can be requested via our Public Access Centre on 1300 734 806 (Australia), 0800 733 707 (New Zealand) or by email request to firstname.lastname@example.org or email@example.com. If required in a particular format, illion Public Access Centre will take reasonable steps to make this happen but may charge a fee depending on the format required.
Last updated July 2019