Bano Pty Ltd ACN 643 260 431 (we, us or our) respects the privacy of all customers, third parties, suppliers and visitors (you, your or yours) and is committed to protecting your personal information. The Privacy Act 1988 (Cth) (Privacy Act) defines personal information as information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not (personal information).
Any personal information we collect about you will only be used for the purposes we have collected it for or as allowed under applicable law, including the Privacy Act. We comply with the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act.
KINDS OF PERSONAL INFORMATION WE COLLECT
We collect personal information from you for the purposes of dealing with you and in assisting us to arrange for the products and services you request to be provided to you. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you.
The personal information we collect, and hold may include your location data, contact details, such as your name, address, telephone numbers and email address, your personal details, such as date of birth, your employment information, residential status, and information about your financial position, like your income, expenses, savings and assets, your reasons and objectives for applying for a product or service. We also hold all records of your communications and other interactions with us.
We may collect and hold identification and transaction information about you for the purpose of our compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2008 (Cth). Your identity information may be verified with the issuer or official record holder. In certain cases, we collect your personal information from third parties, such as your nominated representative (such as a legal or financial adviser), your employer, or publicly available sources of information.
HOW DO WE COLLECT PERSONAL INFORMATION
We collect personal information about you when it is reasonably necessary for one or more of our activities or functions. This personal information is collected in a number of ways, including through the Sites. For example, we may:
- collect personal information from the Sites, such as when you visit, use or register on our Websites, Social Media Pages or Apps;
- collect personal information from you when you contact, do business or interact with us by phone or email;
- receive your personal information from other sources, such as public databases, acquired contact lists, professional bodies (for example under reciprocal arrangements), your employer, regulators and government and statutory bodies.
The provision of your personal information is voluntary. However, if you cannot, or will not, provide us with the personal information we reasonably require, we may not be able to verify your identify, assess your application for a product or service, manage our relationship with you, contact you or otherwise interact with you, perform our statutory functions, or provide you with some or all of our products and services.
USE OF PERSONAL INFORMATION
We will not collect or use your personal information unless it is lawful for us to do so. We collect and use personal information for the following purposes:
- considering any application made by you for products or services offered by us;
- to those involved in maintaining, reviewing and developing our business systems, procedures and infrastructure;
- to our partners in financial transactions, including financial institutions, remitters, payment organisations and securities brokers;
- to organisations involved in our normal business practices;
- fulfilling orders or requests for information, products or services (with your consent, if required);
- fulfilling our role as financial services provider, including maintaining Customer records, providing information on our services, products and benefits;
- for promotional and marketing purposes, including communicating information about our products and services (with your consent, if required);
- monitoring, moderating and improving our Sites;
- managing complaints;
- providing information to Australian regulators, government and statutory bodies;
- assessing or improving our products and services, as well as for training and quality purposes, including building profiles, monitoring, recording and analysing online interactions and communications between you and us;
- to engage with relevant registries using third party systems to match details contained in your Australian passport, driver licence, Medicare card, birth certificate and any other identification documents you provide us; and
- providing information to third parties as authorised or required by law or a court or tribunal.
We have a legitimate interest in using your information in these ways. It is also fundamental to the nature of the service we provide. In some cases, it will be lawful for us to collect and use your personal information, for example where it is necessary as part of our, or a third party's statutory function or because the law permits or requires us to.
In addition to the specific circumstances above, we will only use your personal information with your consent (if required under applicable data protection laws) when we process your personal information to send you carefully selected marketing materials about our products and services (or those of our third party partners) by email, text or push notification, depending on your operating system settings. You have the right to opt out of receiving such direct marketing at any time by contacting us. In your request, please indicate that you wish to stop receiving marketing communications from us.
DISCLOSURE OF PERSONAL INFORMATION
We do not use your personal information or disclose it to another organisation unless it is reasonably necessary for one of the purposes described above, having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure: for example, if it is required or authorised by law or court or tribunal, it is necessary to protect the rights, property, health or personal safety of a customer, the public or our interests, and it is unreasonable or impracticable to obtain your consent, the disclosure is necessary to assist any entity, body or person to locate a person who has been reported missing, we have reason to suspect that activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in, and we believe that the collection, use or disclosure is necessary in order for us to take appropriate action, it is necessary to obtain third party services, for example to carry out data analysis or provide information processing services (where use of your information by third parties is strictly controlled), it is for one of the purposes expressly permitted under applicable data protection and privacy laws or you have provided your consent.
We may disclose your personal information to any of our related and associated companies, affiliates and subsidiaries, including those established in the future: for example, guarantors and security providers, credit bureaus, credit providers, brokers, agents, remitters, financial advisors and people who act on your behalf, organisations involved in our funding arrangements, banks and financial institutions, auditors, organisations that help identify illegal activities and prevent fraud, any data processors processing your information on our behalf, where applicable, third parties who provide related financial services or products in connection with our business such as our vendors, business partners, and any party assisting us in carrying out the purposes described above, parties which participate in joint marketing schemes with us, any agent, contractor or service provider who provides verification of identity, administrative, order processing, payment clearing, credit reference, debt collecting or other services necessary to the operation of our business, any person to whom we are, in our belief in good faith, under an obligation to make disclosure as required by any applicable law, government agencies, statutory authorities and industry regulators, our auditors, consultants, accountants, lawyers or other financial or professional advisers and our sub-contractors or third party service or product providers as may be determined to be necessary or appropriate.
CORRECTION / CONCERNS ABOUT PERSONAL INFORMATION
Individuals may request access to their personal information unless we are permitted by law to withhold that information. Individuals may also request the correction of any personal information which is inaccurate by contacting our Privacy Officer at email@example.com.
To the extent permitted by law, there are some exceptions where this access may be denied. To request access and seek the correction of personal information held by us, please email, call or write to us. We will endeavour to respond to any access or correction request within 7 working days of receipt.
If you would like any further information about our handling of personal information, or to make a complaint about our handling of your personal information, or you believe there has been a breach by us of the Privacy Act, please lodge a complaint addressed to our Privacy Officer at firstname.lastname@example.org.
Once we receive your complaint, we will respond to you within a reasonable period of time, usually within 7 working days. If you are unsatisfied with the outcome of your complaint, you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution, you may wish to take your complaint to the Office of the Australian Information Commissioner. Phone: 1300 363 992. Website: www.oaic.gov.au.
SECURITY OF PERSONAL INFORMATION
We use reasonable organisational, technical and administrative measures and security safeguards to protect, as is reasonable in the circumstances, the personal information we hold from misuse, loss, interference and/or unauthorised access, use, disclosure or alteration of information under our control. Where practicable, we implement measures to require organisations to whom disclosure is made to comply with applicable data protection and privacy laws. If a third party is given access to personal information, we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity. Unfortunately, no data transmission over the internet or data storage system can be guaranteed to be 100% secure.
We will only retain your personal information for as long as is necessary for the purpose for which that personal information was collected and to the extent permitted by applicable laws. When we no longer need to use personal information, we will remove it from our systems and records and/or take steps to anonymise it so you can no longer be identified from it.