Privacy policy

Privacy

This privacy policy (this policy) sets out how Volt Group companies (each “we”, “us”) manage personal information, including credit-related information, we collect about you. Volt Bank Limited ACN 622 375 722 is a Volt Group company.

The policy was prepared in November 2018.

If you have any feedback on this policy, or you wish to contact us, please email us at privacy@voltbank.com.au. We look forward to hearing from you.

We may vary this policy from time to time. We will ensure that the most updated version is on our website. We invite you to check the policy on the website from time to time.

Personal information and personal data

Personal information in Australia

In Australia, personal information is information or an opinion about you or from which you can reasonably be identified.

When we collect and use personal information about you in Australia, we manage that personal information under this privacy policy, the Privacy Act, the Australian Privacy Principles (APPs) in the Act and any APP Code we follow.

Personal data in the European Economic Area and Switzerland

The General Data Protection Regulation (GDPR) regulates the way we process information, from which you can be identified or from which you are identifiable, that we collect about you while you reside in a country in the European Economic Area (EEA) or Switzerland. There is a list of EEA countries at the end of this section.

This policy refers to that information as “personal data”. The term “personal information” in this policy also includes that “personal data”.

For GDPR purposes, we process personal data about you when we collect and use that personal data. Also, we are the controller of that personal data.

When we collect personal data, we manage that personal data under this policy, the GDPR and any other law that applies to processing that personal data.

If we process personal data about you, there is more information about particular rights the GDPR gives you under the heading “Processing Personal Data under the GDPR” later in this policy.

The EEA countries are:

Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the United Kingdom, Iceland, Liechtenstein and Norway.

Collecting personal information

We collect personal information about you when we take a record of that personal information.

We may collect personal information about you including:

  • identification information such as your name, date of birth, address and contact details;
  • information you use or give us when you use our website;
  • financial information such as your income and expense particulars when we consider credit applications by you or offers to guarantee credit obligations owed by others to us; and
  • credit information such as details relating to your credit history, credit capacity and creditworthiness.

We collect personal information about you when we take a record of that personal information.

We collect personal information about you only where we need to or where that personal information is related directly to Volt Group functions or activities. For example, we may collect personal information about you to:

  • supply banking or other services to you;
  • manage our commercial relationship with you; or
  • promote products and services to you.

We or our service providers may collect personal information about you including:

  • identification information such as your name, date of birth, address and contact details;
  • information you use or give us when you:
    • enquire about our products or services;
    • apply to open an account with us or to obtain other products or services; and
    • use our website;
  • information we collect from supplying products or services to you;
  • information we collect when you use our website such as:
    • your IP address;
    • the user ID of logged in users; and
    • the username of login attempts;
  • financial information such as your income and expense particulars when we consider credit applications by you or offers to guarantee credit obligations owed by others to us; and
  • credit information such as details about your credit history, credit capacity and credit worthiness.

We may collect other personal information about you from dealing with you to help us conduct our banking activities efficiently.

Credit information

If you:

  • apply for, or have, a loan from us; or
  • offer to guarantee or guarantee obligations owed by others to us,

we may exchange personal information about you with credit reporting bodies.

That information may include the following information about you:

  • identification information such as your name, date of birth, address and driver’s licence number;
  • consumer credit liability information such as credit providers who gave you credit, the types of credit and the maximum amounts of credit available under those arrangements;
  • the history of whether you made loan repayments and when repayments were made;
  • that requests have been made for access to the credit file the credit reporting body holds about you;
  • the types of credit for which you have applied;
  • when you are at least 60 days overdue on a payment and when you have made those payments or entered into new payment arrangements;
  • court judgments relating to you and credit you obtained;
  • information about arrangements with creditors and whether you are bankrupt;
  • publicly available information about your credit worthiness; and
  • that in a credit provider’s opinion, you have committed a serious credit infringement such as:
    • obtaining or seeking to obtain credit fraudulently; or
    • acting in a way that led your credit provider to believe you no longer wish to comply with your credit obligations and your credit provider has been unable to contact you.

We may use information we get about you from a credit reporting body or information we derive from that information to assess your application for credit from us or to invite you to apply for another product or service from us.

Why we collect personal information

To help manage our relationship

We will collect personal information about you only if we reasonably need that information for our banking functions and activities. For example, we collect personal information about you so we can:

  • help us to understand your banking requirements and develop our products and services;
  • offer you our products or other products as they become available and that may be of interest to you;
  • make products available to you at your request;
  • improve the services and products we offer; and
  • manage our arrangements with you efficiently.

Our service providers

Our service providers may collect information about your use of our website, products or service for purposes including:

  • helping us to engage with you efficiently;
  • helping us to improve and promote the products and services we offer;
  • guarding against fraud;
  • checking for malicious activity; and
  • protecting our website from specific kinds of attacks.

The law

We may collect personal information about you because the law requires us to do so. For example, the law requires us to collect personal information about you to:

  • identify you under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) before we open an account for you or make a loan to you; and
  • decide whether a loan would be suitable for you under the National Consumer Credit Protection Act 2009 (Cth).

How we collect personal information

Mostly, we collect personal information about you from you. We may collect personal information about you from other sources, such as when:

  • you use our website; or
  • if you apply for a loan from us, when we obtain a credit report about you to consider your loan application.

Sometimes, we collect personal information about you that is available publicly or from others who:

  • act for you, such as your mortgage broker or another person who refers you to us;
  • check information you give us, such as confirming your income with your employer;
  • supply services (such as identity verification or loan settlement services) to us;
  • give us information to help us decide whether to make a product or service available to you (such as credit reporting agencies and other credit providers); or
  • help us manage our arrangements with you.

Unsolicited personal information

If we receive personal information about you that we did not request, we will consider whether we need that information for our banking functions and activities. If not, we will destroy that information or ensure it does not identify you.

What if you do not give us your personal information?

If we do not collect personal information about you, we may not be able to:

  • tell you about our products and services;
  • supply products and services to you;
  • manage our relationship with you, such as dealing with a complaint you make to us; or
  • tell you about other products and services that may interest you.

Dealing with us anonymously

You may be able to use our website to find out information about us, our products and services by using a pseudonym or without identifying yourself. However, due to the nature of the products and services we supply, the law requires us to identify you when we make our products available to you or supply our services to you.

Information about other people

If you tell us personal information about another person, we ask that you:

  • tell that other person that you have done so; and
  • invite that person to contact us to obtain a notice from us about how we manage their personal information.

How we use your personal information

We may use personal information about you to:

  • consider any requests or applications you make to us or to our service partners;
  • help us to understand your banking requirements;
  • refine and develop our products and services;
  • tell you about our products and services or products and services from our service partners that may be available to you. That may include telling you about competitions or other promotional events in which we invite you to participate.

That correspondence is direct marketing. You can tell us to stop sending you direct marketing. Please see below for our contact details;

  • identify you and manage our arrangements with you;
  • prevent or investigate conduct that may be fraudulent or criminal; and
  • any other purpose with your consent or at your direction.

Stopping direct marketing

You can ask us any time to stop sending you direct marketing information. When we email you with direct marketing, you can respond by clicking unsubscribe and we will stop sending you direct marketing. We do not charge you a fee for asking us to stop direct marketing.

Also, we will not send direct marketing to you if you are registered on the “Do Not Call” register. You can register on the “Do Not Call” register at www.donotcall.gov.au or phoning 1300 792 958.

Disclosing personal information

We may exchange personal information about you with:

  • other companies in the Volt Group;
  • credit reporting bodies, if you apply for, guarantee or obtain a loan or any other credit product from us;
  • any guarantors or possible guarantor of your obligations to us;
  • suppliers that help us to conduct our business. Amongst other suppliers, that may include suppliers that help us to:
    • understand your banking requirements;
    • improve our products or services;
    • verify identity;
    • settle loans we make available;
    • provide services to help us run our business;
    • take appropriate action about suspected unlawful activity or serious misconduct; or
    • take loan recovery action for us.
    • Those suppliers may:

    • disclose your personal information to contractors that assist the suppliers to perform services for us; and
    • track your use of our products, services or website.
    • Our arrangements with suppliers will limit use of your personal information to the services they supply to us. We will ask suppliers to ensure their arrangements with contractors limit the contractors’ use of your personal information to help the suppliers to perform services for us.

      We will require suppliers to return, destroy or de-identify personal information about you that they hold or their sub-contractors hold when they cease performing services for us. If you want information on how those suppliers manage your personal information, please email us at privacy@voltbank.com.au;

  • your employer to verify employment related information you give us;
  • other financial institutions;
  • mortgage brokers that introduce you to us and any mortgage aggregator that supplies services to your mortgage brokers;
  • any person who refers you to us to obtain services from us;
  • regulators or law enforcement bodies;
  • dispute resolution bodies or services, to assist with resolving any complaint you make about our products or services or any dispute you may have with us;
  • any entity that proposes to take an interest in our business or any of our loans or other assets. That may include entities that are involved in securitising any loan we made available to you; and
  • any person at your request or with your consent.

Disclosing personal information overseas

We may disclose personal information about you to overseas entities that assist us to conduct our business. Some of those entities are situated in the USA. There may be other overseas jurisdictions, we cannot identify now, in which those overseas entities may hold your personal information. It may be necessary for those overseas entities to disclose your personal information under foreign law.

We are responsible for any failures by overseas entities to manage your personal information in accordance with the APPs.

Also, we may store information in the cloud or other networked systems. In that case, we may not be aware of the countries in which your information may be held.

Use of Government identifiers

We do not use Government related identifiers (such as tax file numbers or medicare card numbers) as to identify you in our records. We may collect and use some of your Government related identifiers, but only for reasons permitted by the Privacy Act, the Australian Privacy Principles (APPs) in the Act or any APP Code we follow. For example, we may use those identifiers to help us to check your identity before we make banking products available to you.

Security of your personal information

We will take steps reasonably available to us to protect your personal information from:

  • misuse, interference or loss; and
  • unauthorised access, modification or disclosure.

We will do this by ensuring that access to your personal information is password protected and available only to those of our employees that need to use, disclose or manage it under this policy.

Access to your personal information

You can ask for access to the personal information we hold about you. We may ask you to detail the information you require, if you want only some of that personal information.

If you want to access the personal information we hold about you, please email us at privacy@voltbank.com.au.

Generally, we will give you access to the information you request. There may be some circumstances, permitted by the APPs, in which we will not give you that access. For example, we may not give you access to information where:

  • giving access would have an unreasonable impact on the privacy of others;
  • we reasonably believe the request is frivolous or vexatious;
  • the information relates to actual or possible legal proceedings between us and you and we would not have to produce that information under orders a court may make in those proceedings;
  • giving access would prejudice our interests relating to negotiations we are having with you or investigations we are making into unlawful activity or misconduct of a serious nature;
  • the law or a court or tribunal order prevent us from giving you access; or
  • giving access would reveal certain information we generate internally relating to a commercially sensitive decision-making process.

We will give you written reasons if we refuse to give you access to personal information you request, unless there are reasonable grounds (such as confidentiality obligations we owe) for not giving you those reasons. In any case, we will give you an explanation if we do not give you access to information because of a commercially sensitive decision-making process.

We will give you access to the information you request in the manner you request (for example, by email), if we are reasonably able to do so. If we are not able to do so or if we have a reason for not giving you access to all the information you request, we will work with you to give you access to personal information we hold about you in a way that meets your needs and our needs.

We will respond to any request you make for access to the personal information we hold about you within a reasonable time after you make the request. The time it takes will depend on the amount of information you seek and whether we have to make more enquiries of you to clarify your request. We expect to respond to any request you make for access within 30 days after we receive your request.

Depending on the amount of information you request, we may charge you a fee for organising the information you request from us. We will give you an estimate of the fee before we organise the information. Then, we can work with you to check whether you wish to limit your request to reduce the charges.

Correcting your personal information

We take steps, reasonably available to us, to ensure that the personal information we hold about you is accurate, up-to-date and complete. To assist us, we ask that you contact us and update the personal details we hold about you (for example, your name, address and contact details), if those details change. You can contact us by email to privacy@voltbank.com.au.

You may consider that the personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading. You can request us to correct the personal information we hold about you by email to privacy@voltbank.com.au.

If we receive your request to correct information but consider that the information does not need correcting, we will give you a written notice setting out our reasons. Also, we will give you details of how you can:

  • ask us to associate a statement to the information you consider to be incorrect; or
  • make a complaint about us refusing to correct information.

We will respond to any correction request you make within a reasonable time after you make the request.

We will not charge you for correcting or associating a statement to personal information at your request.

Complaints

If you have a complaint about the way we manage the personal information we hold about you, please email us at privacy@voltbank.com.au.

If we cannot resolve your complaint in a manner that is satisfactory to you and within 30 days of receiving your complaint, we will tell you how you can take your complaint to the external dispute resolution scheme of which we are a member or the Office of the Australian Information Commissioner (OAIC).

We are a member of the Australian Financial Complaints Authority (AFCA). You can lodge a complaint with AFCA by visiting the AFCA website at www.afca.org.au.

You can make a complaint to the OAIC by using the privacy complaint form available at www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint and submitting it online, by post, fax or email.

It is free to make a complaint to us, AFCA or the OAIC.

Data breach reporting

We will comply with any relevant laws to notify you and a regulator that the security of the personal information we hold about you has been breached.

Processing Personal Data Under General Data Protection Regulation (GDPR)

Processing personal data

Just a reminder: “personal data” is information, from which you can be identified or from which you are identifiable, that we collect about you while you reside in a country in the European Economic Area (EEA) or Switzerland.

In addition to other reasons set out in this policy, we may process personal data about you because:

  • you have permitted us to do so to:
  • help us understand your banking requirements and develop our products and services;
  • offer you our products or other products as they become available and that may be of interest to you;
  • we need to perform an agreement (such as a contract to hold an account) we have with you;
  • the processing is in our legitimate interests and those interests are not overridden by your rights; or
  • we need to do so to comply with the law.

Retaining personal data

We will retain personal data about you only for as long as is necessary for the purposes set out in this policy. We will retain and use that personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Transferring personal data

We may transfer personal data about you to, and maintain it on, computers located outside of your State, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

We may transfer that personal data to Australia and process it there or to other jurisdictions. Also, please read the particulars under the heading Disclosing personal information overseas in this policy.

We will take all steps reasonably necessary to ensure that personal data about you is treated securely and in accordance with this policy and no transfer of that personal data will take place to an organization or a country, unless there are adequate controls in place including the security of that personal data.

Data Protection Rights Under the GDPR

If you are a resident of an EEA country or Switzerland, you have certain data protection rights with respect to personal data we collect about you while you reside in that country.

We will take reasonable steps to allow you to correct, amend, delete, or limit the use of that personal data. If you wish to do so, please email us at privacy@voltbank.com.au.

If you wish to know what personal data we hold about you and if you want us to remove that personal data from our systems, please contact us.

You can contact us and exercise the following rights in relation to the personal data we hold about you:

  • the right to access, update or delete the personal data we hold about you;
  • the right of rectification - you have the right to have the personal data we hold about you rectified if that personal data is inaccurate or incomplete;
  • the right to object. You have the right to object to our processing personal data we hold about you;
  • the right of restriction. You have the right to request that we restrict the processing of personal data we hold about you;
  • the right to data portability. You have the right to be provided with a copy of the personal data we hold about you in a structured, machine-readable and commonly used format and the right to have us transfer, where we are technically able to do so, the personal data we hold about you to another controller; and
  • the right to withdraw consent. Unless we have compelling and legitimate grounds for continuing processing (such as if you hold an account with us), you have the right to withdraw your consent where we relied on your consent to process personal data we hold about you.

We may ask you to verify your identity before responding to any of those requests.

Complaints

You have the right to complain to a data protection authority about our collection and use of personal data we hold about you. For more information, please contact your local data protection authority in the country (an EEA country or Switzerland) of which you were a resident when we collected personal data about you.