The policy was prepared in November 2018.
If you have any feedback on this policy, or you wish to contact us, please email us at email@example.com. We look forward to hearing from you.
We may vary this policy from time to time. We will ensure that the most updated version is on our website. We invite you to check the policy on the website from time to time.
In Australia, personal information is information or an opinion about you or from which you can reasonably be identified.
The General Data Protection Regulation (GDPR) regulates the way we process information, from which you can be identified or from which you are identifiable, that we collect about you while you reside in a country in the European Economic Area (EEA) or Switzerland. There is a list of EEA countries at the end of this section.
This policy refers to that information as “personal data”. The term “personal information” in this policy also includes that “personal data”.
For GDPR purposes, we process personal data about you when we collect and use that personal data. Also, we are the controller of that personal data.
When we collect personal data, we manage that personal data under this policy, the GDPR and any other law that applies to processing that personal data.
If we process personal data about you, there is more information about particular rights the GDPR gives you under the heading “Processing Personal Data under the GDPR” later in this policy.
The EEA countries are:
Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the United Kingdom, Iceland, Liechtenstein and Norway.
We collect personal information about you when we take a record of that personal information.
We may collect personal information about you including:
We collect personal information about you when we take a record of that personal information.
We collect personal information about you only where we need to or where that personal information is related directly to Volt Group functions or activities. For example, we may collect personal information about you to:
We or our service providers may collect personal information about you including:
We may collect other personal information about you from dealing with you to help us conduct our banking activities efficiently.
we may exchange personal information about you with credit reporting bodies.
That information may include the following information about you:
We may use information we get about you from a credit reporting body or information we derive from that information to assess your application for credit from us or to invite you to apply for another product or service from us.
We will collect personal information about you only if we reasonably need that information for our banking functions and activities. For example, we collect personal information about you so we can:
Our service providers may collect information about your use of our website, products or service for purposes including:
We may collect personal information about you because the law requires us to do so. For example, the law requires us to collect personal information about you to:
Mostly, we collect personal information about you from you. We may collect personal information about you from other sources, such as when:
Sometimes, we collect personal information about you that is available publicly or from others who:
If we receive personal information about you that we did not request, we will consider whether we need that information for our banking functions and activities. If not, we will destroy that information or ensure it does not identify you.
If we do not collect personal information about you, we may not be able to:
You may be able to use our website to find out information about us, our products and services by using a pseudonym or without identifying yourself. However, due to the nature of the products and services we supply, the law requires us to identify you when we make our products available to you or supply our services to you.
If you tell us personal information about another person, we ask that you:
We may use personal information about you to:
That correspondence is direct marketing. You can tell us to stop sending you direct marketing. Please see below for our contact details;
You can ask us any time to stop sending you direct marketing information. When we email you with direct marketing, you can respond by clicking unsubscribe and we will stop sending you direct marketing. We do not charge you a fee for asking us to stop direct marketing.
We may exchange personal information about you with:
Those suppliers may:
Our arrangements with suppliers will limit use of your personal information to the services they supply to us. We will ask suppliers to ensure their arrangements with contractors limit the contractors’ use of your personal information to help the suppliers to perform services for us.
We will require suppliers to return, destroy or de-identify personal information about you that they hold or their sub-contractors hold when they cease performing services for us. If you want information on how those suppliers manage your personal information, please email us at firstname.lastname@example.org;
We may disclose personal information about you to overseas entities that assist us to conduct our business. Some of those entities are situated in the USA. There may be other overseas jurisdictions, we cannot identify now, in which those overseas entities may hold your personal information. It may be necessary for those overseas entities to disclose your personal information under foreign law.
We are responsible for any failures by overseas entities to manage your personal information in accordance with the APPs.
Also, we may store information in the cloud or other networked systems. In that case, we may not be aware of the countries in which your information may be held.
We do not use Government related identifiers (such as tax file numbers or medicare card numbers) as to identify you in our records. We may collect and use some of your Government related identifiers, but only for reasons permitted by the Privacy Act, the Australian Privacy Principles (APPs) in the Act or any APP Code we follow. For example, we may use those identifiers to help us to check your identity before we make banking products available to you.
We will take steps reasonably available to us to protect your personal information from:
We will do this by ensuring that access to your personal information is password protected and available only to those of our employees that need to use, disclose or manage it under this policy.
You can ask for access to the personal information we hold about you. We may ask you to detail the information you require, if you want only some of that personal information.
If you want to access the personal information we hold about you, please email us at email@example.com.
Generally, we will give you access to the information you request. There may be some circumstances, permitted by the APPs, in which we will not give you that access. For example, we may not give you access to information where:
We will give you written reasons if we refuse to give you access to personal information you request, unless there are reasonable grounds (such as confidentiality obligations we owe) for not giving you those reasons. In any case, we will give you an explanation if we do not give you access to information because of a commercially sensitive decision-making process.
We will give you access to the information you request in the manner you request (for example, by email), if we are reasonably able to do so. If we are not able to do so or if we have a reason for not giving you access to all the information you request, we will work with you to give you access to personal information we hold about you in a way that meets your needs and our needs.
We will respond to any request you make for access to the personal information we hold about you within a reasonable time after you make the request. The time it takes will depend on the amount of information you seek and whether we have to make more enquiries of you to clarify your request. We expect to respond to any request you make for access within 30 days after we receive your request.
Depending on the amount of information you request, we may charge you a fee for organising the information you request from us. We will give you an estimate of the fee before we organise the information. Then, we can work with you to check whether you wish to limit your request to reduce the charges.
We take steps, reasonably available to us, to ensure that the personal information we hold about you is accurate, up-to-date and complete. To assist us, we ask that you contact us and update the personal details we hold about you (for example, your name, address and contact details), if those details change. You can contact us by email to firstname.lastname@example.org.
You may consider that the personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading. You can request us to correct the personal information we hold about you by email to email@example.com.
If we receive your request to correct information but consider that the information does not need correcting, we will give you a written notice setting out our reasons. Also, we will give you details of how you can:
We will respond to any correction request you make within a reasonable time after you make the request.
We will not charge you for correcting or associating a statement to personal information at your request.
If you have a complaint about the way we manage the personal information we hold about you, please email us at firstname.lastname@example.org.
If we cannot resolve your complaint in a manner that is satisfactory to you and within 30 days of receiving your complaint, we will tell you how you can take your complaint to the external dispute resolution scheme of which we are a member or the Office of the Australian Information Commissioner (OAIC).
We are a member of the Australian Financial Complaints Authority (AFCA). You can lodge a complaint with AFCA by visiting the AFCA website at www.afca.org.au.
You can make a complaint to the OAIC by using the privacy complaint form available at www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint and submitting it online, by post, fax or email.
It is free to make a complaint to us, AFCA or the OAIC.
We will comply with any relevant laws to notify you and a regulator that the security of the personal information we hold about you has been breached.
Just a reminder: “personal data” is information, from which you can be identified or from which you are identifiable, that we collect about you while you reside in a country in the European Economic Area (EEA) or Switzerland.
In addition to other reasons set out in this policy, we may process personal data about you because:
We will retain personal data about you only for as long as is necessary for the purposes set out in this policy. We will retain and use that personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
We may transfer personal data about you to, and maintain it on, computers located outside of your State, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.
We may transfer that personal data to Australia and process it there or to other jurisdictions. Also, please read the particulars under the heading Disclosing personal information overseas in this policy.
We will take all steps reasonably necessary to ensure that personal data about you is treated securely and in accordance with this policy and no transfer of that personal data will take place to an organization or a country, unless there are adequate controls in place including the security of that personal data.
If you are a resident of an EEA country or Switzerland, you have certain data protection rights with respect to personal data we collect about you while you reside in that country.
We will take reasonable steps to allow you to correct, amend, delete, or limit the use of that personal data. If you wish to do so, please email us at email@example.com.
If you wish to know what personal data we hold about you and if you want us to remove that personal data from our systems, please contact us.
You can contact us and exercise the following rights in relation to the personal data we hold about you:
We may ask you to verify your identity before responding to any of those requests.
You have the right to complain to a data protection authority about our collection and use of personal data we hold about you. For more information, please contact your local data protection authority in the country (an EEA country or Switzerland) of which you were a resident when we collected personal data about you.