1.2 ABX Group is committed to providing you with the highest levels of client service. We recognise that your privacy and personal information is very important to you.
1.4 When used in this Policy, “personal information” has the meaning given in the Act, being in general terms, information or opinion about an identified individual, or an individual who is reasonably identifiable.
1.5 ABX Group has implemented practices, procedures and systems to ensure compliance with the Act and the Australian Privacy Principles and to deal with complaints and enquiries concerning your personal information.
1.6 ABX Group’s Privacy Officer (contact details in section 8 below) has overall responsibility for ensuring that ABX Group and its employees, agents and subsidiaries comply with this Policy.
1.7 ABX Group collects information only by lawful and fair means.
1.8 If you are a client of ABX Group, this Policy should be read in conjunction with the account agreement you have with the ABX Group.
2. Collection of personal information
2.1 ABX Group collects the following kinds of personal information:
- your identity particulars, including your name, sex, address (and previous two addresses), date of birth, name of employer and drivers licence number;
- details of services or products you acquire from ABX Group or which you enquire about, together with any additional information necessary to deliver those services or products and respond to your enquiries;
- information regarding transactions you conduct utilising ABX Group’s services;
- any credit information that may be obtained in the course of obtaining the identity particulars described above;
- personal information you provide to ABX Group through ABX Group’s service centre or in response to customer surveys;
- any additional personal information you provide to ABX Group online, by telephone, by email or otherwise to ABX Group representatives, or via your agents; and
- where you are a client of ABX Group, the contents of telephone conversations between you and ABX Group representatives.
2.2 ABX Group is required to collect certain personal information under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, rules and other subordinate instruments (AML/CTF Laws).
2.3 If ABX Group does not collect your personal information, then ABX Group may not be able to provide you with its services or products, or enter into contracts or undertake transactions with you.
2.4 ABX Group will collect your personal information only from you unless it is unreasonable or impracticable to do so.
2.5 ABX Group collects your personal information from you, or via your agents, in ways including the following:
- through your access and use of the ABX Group website;
- during conversations between you and ABX Group representatives;
- when you complete an application, order form or a contract;
- when you conduct transactions using ABX Group’s services; and
- when you send information in emails or correspondence to ABX Group.
2.6 Where you are a client of ABX Group, ABX Group may be subject to compliance with its obligations under the Act and may access third party electronic databases necessary to assist it to identify you and such databases could contain credit information. ABX Group may therefore collect information about you that it has obtained from businesses that provide information about the credit worthiness of individuals, including consumer credit reports from a credit reporting body.
2.7 ABX Group will take reasonable steps to inform you if it collects personal information about you from someone else.
3. Purposes of collection, holding, use and disclosure of personal information
3.1 ABX Group collects, holds, uses and discloses your personal information (including credit information) for the following purposes:
- to provide its services and products to you and undertake associated business processes and functions;
- for administration, planning and account management;
- where you are a client of ABX Group, to identify you;
- to monitor, develop and improve the quality of its services;
- if you are registered with ABX Group, to send you information that is relevant to the provision of its services;
- to answer or process your enquiries or complaints, and provide information or advice;
- to comply with any law, rule or regulation (for example, in Australia the AML/CTF Laws) or binding determination, or to cooperate with any governmental authority; and
- any other purpose disclosed to you at the time ABX Group collects your personal information.
3.2 If ABX Group sends you information that is relevant to the provision of ABX Group’s services, and at any time you do not wish to receive that information, you may send ABX Group an email opt-out and request that you not be included in any future mail-outs.
4. Disclosure of personal information
4.1 ABX Group may disclose your personal information as follows:
a) to ABX Group’s contractors or service providers for the purposes of conducting its business and providing its services or products to you, including web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
b) to ABX Group’s intermediary banks in order to process certain transactions on your behalf, for example, by disclosing your name and address;
c) to any partners, agents or intermediaries who are a necessary part of the provision of ABX Group’s products and services;
d) to international intermediaries to complete your transactions;
e) to credit reporting bodies if you are a client of ABX Group for the purpose of identifying you, in which case the information will be limited to your identity particulars, including your name, sex, address (and the previous two addresses), date of birth, name of employer, and drivers licence number;
f) to any government regulatory bodies that normally require it or may request it;
g) in order for ABX Group to satisfy its regulatory obligations under relevant AML/CFT Laws, for example in order to satisfy the obligation that ABX Group take reasonable steps to verify the identity of its clients, ABX Group may disclose your personal information to its external credit providers; and
h) as may be required under any other law.
4.2 Any of the recipients referred to in paragraph 4.1 may be located overseas. The location of any such overseas recipient will depend on the country to which your transaction relates.
4.3 If you are visiting from the European Union or other regions with laws governing data collection, please note that you are agreeing to the transfer of your personal information to Australia. By providing your personal information, you consent to any transfer and processing in accordance with this Policy.
5. Information retention, quality and security
ABX Group may hold personal information (including credit information and credit eligibility information) in electronic and/or hard copy format.
5.1 Personal information shall be retained only for as long as may be needed for the fulfilment of the purpose(s) for which the information is collected, used or disclosed, or as required by the Act, any other law or a court/tribunal order. You should be aware that ABX Group is obliged under relevant AML/CFT Laws to retain information relating to personal identity for 7 years.
5.2 Subject to any legislative requirements, ABX Group will destroy, erase, or make anonymous your personal information when it is no longer needed as referred to in paragraph 5.1.
5.3 ABX Group will take reasonable steps in the circumstances to ensure that your personal information is accurate, complete, and up-to-date, to minimise the possibility that inappropriate information may be used to make a decision about you.
5.4 ABX Group will not routinely update your personal information, unless such a process is necessary to fulfil the purposes for which the information is collected, used or disclosed. If you are a client of ABX Group, in accordance with your account agreement, you must notify ABX Group as soon as possible if any of the information you have provided to ABX Group has changed.
5.5 ABX Group will take reasonable steps to maintain the security of your personal information. ABX Group has in place a range of security safeguards to protect your personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification, regardless of the format in which it is held.
5.6 The methods of protection may depend on the sensitivity of the information and the format in which it is contained. Security measures employed by ABX Group include:
- technological measures including SSL 128 bit encryption for all data transfers over the Internet;
- physical measures such as locked filing cabinets and restricted access to offices;
- strategic measures such as security clearances and limiting access to a “need-to-know” basis; and
- ABX Group ensures that its staff are aware of the importance of maintaining the confidentiality of personal information.
6. Access and correction
6.1 You may request access to any personal information (including credit information) that ABX Group holds about you at any time by contacting ABX Group (contact details below). Where ABX Group holds personal information that you are entitled to access, ABX Group will within a reasonable period of your request (and always within 30 days of any such request) allow you access to that information. The requested information shall be provided or made available in the manner requested by you, if it is reasonable and practicable to do so, or otherwise in a suitable form such as by mailing or emailing it to you.
6.2 Where you request access to credit information, in order to ensure that you have access to the most up to date information, you should additionally request from the credit reporting bodies identified in paragraph 4.1(e) above access to the credit reporting information held by them.
6.3 You may point out to ABX Group that any personal information (including credit information) held by ABX Group is inaccurate, out of date, incomplete, irrelevant or misleading, and request correction of the information. ABX Group will take appropriate action to amend the information as required, give you notice of any correction and, if requested take reasonable steps to, or if required by the Act, notify any third party to whom the information has been disclosed of the correction. If ABX Group does not agree that there are grounds for amendment of your information then it will set out the reasons for its decision in writing and the mechanisms available to complain about the refusal, and upon request by you it will add a note to the personal information stating that you disagree with it.
6.4 There may be circumstances which preclude ABX Group from providing access to some or all of your personal information. For example, those circumstances could include:
- the information may impact on the privacy of other individuals;
- the information is commercially sensitive evaluative information;
- the information is subject to solicitor-client or litigation privilege;
- ABX Group is prohibited by law from providing you with access; or
- the disclosure could reasonably be expected to threaten the safety, physical or mental health or life of an individual.
6.5 If ABX Group decides that it cannot grant you access to your personal information, or grant access in the manner requested by you, it will set out the reasons for its decision in writing and the mechanisms available to complain about the refusal.
7.1 ABX Group takes all complaints seriously, and will investigate all complaints.
7.2 If you believe there has been a breach of the Australian Privacy Principles, or if you have any other concerns about ABX Group’s handling of your personal information, please speak to your usual contact at ABX Group in the first instance. ABX Group staff will be pleased to help and complaints can often be resolved at this early stage. If your concerns cannot be resolved at the first point of contact, the matter should be referred to ABX Group’s Privacy Officer (contact details below). At this stage, ABX Group will ask you to set out your complaint in writing providing as much detail as you can so that ABX Group’s Privacy Officer can fully investigate your complaint. ABX Group will then contact you with the results of its findings. You should allow up to thirty days from the time of your initial complaint, or such longer period as may be agreed to by you, to receive a response.
8. Contacting ABX Group
If you have any questions or concerns about this Policy or the collection, use or handling of your personal information, you may contact the ABX Group Privacy Officer at firstname.lastname@example.org
9. Office of the Australian Information Commissioner (OAIC)
OAIC is a government agency which oversees the Act and related legislation, and investigates complaints about handling of personal information under the Act. OAIC will in many cases only investigate cases once ABX Group has been given the opportunity to resolve your complaint internally. You may lodge your complaint with OAIC by sending the necessary documents and information to:
Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Telephone: 1300 363 992
Facsimile: (02) 9284 9666
10. Credit reporting notifiable matters
10.1 The credit reporting bodies referred to in paragraph 4.1(e) above may include your personal information referred to in that paragraph in reports provided to other credit providers to assist them to assess your credit worthiness.
10.2 If you fail to meet your payment obligations in relation to the services ABX Group provides to you, if you commit fraud or try to do so, or if you otherwise commit a serious credit infringement, ABX Group may disclose this information to those credit reporting bodies.
10.3 ABX Group’s credit reporting policy is incorporated in this general Policy. You may obtain a copy of the credit reporting bodies’ credit reporting policies by contacting them using the contact details set out in paragraph 4.1(e) above.
10.4 You have a right to access the credit related information that ABX Group holds about you, to correct that credit related information and to make a complaint about ABX Group’s handling of your credit related information, as set out in clauses 6 and 7 of this Policy.
10.5 You also have a right to request that credit reporting bodies do not use credit related information held by them for the purposes of pre-screening of any direct marketing by credit providers. If you would like to make such a request, please contact the credit reporting bodies using the contact details set out in paragraph 4.1(e) above.
10.6 If you believe that you have been a victim of fraud, you have a right to contact the credit reporting bodies and ask them not to use or disclose your credit related information. If you would like to make such a request, please contact the credit reporting bodies using the contact details set out in paragraph 4.1(e) above.
11. Availability and changes to this Policy
11.1 This Policy is available on the ABX Group website. ABX Group may change this Policy from time to time. Any updated versions of this Policy will be posted on the website.
11.2 This Policy has been updated and is effective as of November 12, 2015