This Privacy and Credit Reporting Policy was last revised on 1St October 2015.
Global Invoice Exchange Pty Ltd ACN 605 911 706, 50 Holt Street SURRY HILLS NSW 2010 trading as FundX ("FundX") respects and is committed to protecting your privacy.
This document is our combined Privacy and Credit Reporting Policy. It describes how we will comply with our obligations under the Privacy Act 1998 (Cth) ("Act") and the Australian Privacy Principles (“APP”) found in the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) in relation to the handling of your personal information. It also describes how we will comply with the credit reporting obligations contained in the Act and the Credit Reporting Code as registered under section 26S(1) of the Act.
2. Acknowledgement of Privacy and Credit Reporting Policy
You acknowledge this Privacy and Credit Reporting Policy (“Policy”) by:
a. accepting FundX’s Terms and Conditions (the “Terms”) which may be accessed here.
b. by accessing, browsing or using this Website; or
c. by using the Services.
By acknowledging this Policy, you also acknowledge how we collect Personal Information, the types of Personal Information we collect and how we may use and store such information. You further acknowledge the other disclosures in this Policy.
If you do not agree with the terms of this Policy, do not access the Website or use the Services.
We may from time to time amend the Policy. Please see the beginning of the Policy to determine when the Policy was last revised. Your continued use of the Website and Services means that you accept and agree to those changes.
This Policy does not apply to the collection, holding, use or disclosure of personal information that is an employee record. An employee record is a record of personal information relating to the employment of an employee. Examples of personal information relating to the employment of the employee include, but are not limited to, health information and information about the engagement, training, disciplining, resignation, termination, terms and conditions of employment of the employee. Please see the Act for further examples of employee records.
In this Policy, terms defined in the Terms have the same meaning when used in this Policy, in addition:
a. “Associate” means a person who is, or may become, an officer or employee of a Client or a Guarantor.
b. “Client” means a person (such as a company, sole trader or partnership) who has applied for, or may apply for, FundX lending services or to whom FundX has provided lending services.
c. “Credit-related Information” means credit information, credit eligibility information and credit reporting body derived information as those terms are defined in the Act. See Section 6 “Credit Reporting Policy” below for further details.
d. “FundX Account” means the account a person is required to open with FundX in order to become a Client or access the Services.
e. “Guarantor” means a person who has guaranteed, or may guarantee, the obligations that a Client has, or may have, to us.
f. “Personal Information” has the meaning given to it in the Act. In general terms, it means information that can be used to identify an individual. If the information we collect personally identifies an individual, or an individual is reasonably identifiable from it, the information will be considered personal information. Information can still be Personal Information if the information is not true or accurate.
g. “Sensitive Information” has the meaning given to it in the Act. In general terms, it means information or an opinion about racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information.
h. “Stakeholders” means any person with whom FundX has business dealings, including its Clients, Guarantors and Associates, lenders and financiers, investors, credit agencies, contractors, consultants and suppliers.
i. “Unsolicited Personal Information” means Personal Information which FundX receives which it did not solicit.
4. Collecting and using Personal Information
Collection of Personal Information
FundX collects Personal Information in the course of its business dealings with Stakeholders. FundX will collect Personal Information directly from Stakeholders (e.g., through the Website, an application for a FundX Account, a Loan Application, email or other written communications, by other technology which supports communications between us, over a telephone call or in person) if it is reasonable or practicable to do so.
Anytime you use the Website, our servers automatically gather information from your browser (such as your IP addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of click(s) to analyze trends, administer the site, prevent fraud, track visitor movement in the aggregate, and gather broad demographic information. We also use “cookies” to keep track of some types of information while you are visiting our website or using our services. Cookies are very small files placed on your computer, and they allow us to count the number of visitors to our website and distinguish repeat visitors from new visitors. They also allow us to save user preferences and track user trends. We rely on cookies for the proper operation of our website; therefore if your browser is set to reject all cookies, the Website will not function properly.
When it is not reasonable or practicable to collect information directly from Stakeholders, FundX may seek to collect the required information from a third party. The third party could be, without limitation, an authorised representative (e.g., agent, accountant or lawyer), a financial institution, a referee, an employer or a government body. If FundX collects information about you from publicly available sources, it will manage that information in accordance with the APPs.
If you provide, or make available, any Personal Information about any Guarantor, Associate or other relevant business personnel, you must first notify them and obtain their consent to disclose such information to us.
Examples of Personal Information we collect are, without limitation:
a. Identification information: name, address and date of birth.
b. Contact information: mailing address, email, telephone numbers, social media identifiers (eg, Twitter handle, Skype address, LinkedIn contact, Facebook and Instagram accounts).
c. Unique identifiers: user name, account number and password.
d. Software Account: information relating to a Client’s Software Account. For further details on this aspect, see Section 5 “FundX Account and Software Account” below.
e. Business information: name, address, contact details, size and type of a Client’s, Guarantor’s or Associate’s business, and business and personal documents provided to FundX by a Client, Guarantor or an Associate in connection with FundX’s lending services, for example, personal and business tax returns, bank accounts, financial information and other documents, but these are considered Personal Information only to the extent that they comprise Personal Information about an individual.
f. Service information: information about the Services used by, or provided to, a Client.
g. Credit-related Information: for more details on this aspect see Section 6 “Credit Reporting Policy” below.
As a general rule, FundX does not collect Sensitive Information. However, if we do, it will usually be for the purposes of facilitating our business dealings with you and, if the law requires us to, we will seek your consent to collect your Sensitive Information.
Use of Personal Information
FundX uses the Personal Information it collects for its business purposes. These purposes may include:
· Making its Services available, whether to a person or generally
· Client service management
· Business relationship management
· Seeking financing from any investor
· Training and supervision of staff
We may use Personal Information for direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, social media and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavor to use that method whenever practicable to do so. If you would prefer not to receive such communications from us, please check the opt-out box when prompted at sign-up or you may unsubscribe at any time by following the unsubscribe instructions included in the marketing communications.
If FundX receives Unsolicited Personal Information, unless it determines that it could have collected that information in accordance with the APPs or the information is included in a Commonwealth record, it must destroy the information or otherwise ensure it is de-identified.
What happens if you don’t provide Personal Information?
Participation in or use of the Services is optional and you have at all times the choice of provide or withhold Personal Information. Please be aware though that if you do not disclose information to FundX as and when requested, FundX may not be able to provide its Services to you or our Services may not be able to be tailored to your particular needs, or FundX may not otherwise be able to engage in business dealings with you.
Anonymity and Use of Pseudonyms
While you may browse the public access areas of our Website without giving your Personal Information, we generally are not able to enter any business transactions with persons who choose to remain anonymous or to act under a pseudonym.
In collecting, holding and using your Personal Information, FundX will not use government related identifier as its own identifier unless permitted by the APPs. FundX will not use or disclose a government related identifier except as permitted by the APPs.
We may also collect some information that is not Personal Information because it does not identify you or anyone else. For example, we may collect aggregated information about how users browse the Website through the use of log files and cookies.
5. FundX Account and Software Account
In order to participate in the Services, you are required to create a FundX Account. We may offer different options to create a FundX Account, including:
a. Online registration form: you may choose to complete and submit an online registration form. If so, you will be asked to provide us with a business email address and a password that you will use for your FundX Account.
Regardless of which method you choose to register your FundX Account, we may send an email to your nominated email address, or to the email address that you have designated in your Software Account, to instruct you how to confirm your registration.
6. Credit Reporting Policy: Credit-related Information
This Section 6 is our Credit Reporting Policy. When we provide, or are considering the provision of, lending services to you, we may conduct a credit check on, and collect Credit-related Information about, you, any Guarantors or any Associates before credit is provided to you.
a. Types of Credit-related Information that may be collected: The types of Credit-related Information that we may collect about you, any Guarantors or any Associates include:
· name, residential address (including previous addresses), contact details (including telephone and email addresses) and other identity verification emails;
· date of birth and gender;
· credit history (including any repayments missed or late repayments that have been made);
· details of any credit provided by credit-providers (such as financial institutions, utilities or telecommunication providers);
· any credit rating or credit assessment score that we have derived or that is provided to us by a credit reporting body; and
· details of any credit-related proceedings or insolvency applications.
b. Use and disclosure of Credit-related Information: We may use the Credit-related Information that is collected and held by us in accordance with Part IIIA of the Act and the Credit Reporting Code. The purposes for which we use Credit-related Information may include without limitation:
· assessing any application made to us for our lending services;
· collecting payments that are owed to us in respect of any credit that we have provided to you;
· assessing a person’s suitability as a Guarantor and enforcing that guarantee if required;
· disclosing your Credit-related Information to a third party that you ask to act as a Guarantor in respect of any credit we have provided, or will provide, to you;
· disclosing your Credit-related Information to the credit reporting bodies that we deal with including Dun & Bradstreet – www.dnb.com.au / Veda – www.veda.com.au. For contact details and information on how credit reporting bodies manage Credit-related Information, please see their privacy policies available at their respective websites. You can ask a credit reporting body not to use or disclose your Credit-related Information for a period if you believe on reasonable grounds that you have been or are likely to be a victim of fraud;
· disclosing your Credit-related Information to payment system operators, insurers and other external organisations to assist us in approving and managing credit;
· to deal with complaints and legal proceedings; and
· meeting our legal and regulatory requirements.
c. Access and correction: You have a right to request access to, or the correction of, any Credit-related Information that we hold about you. You may do this in accordance with Section 9 “Access” and Section 10 “Correction” respectively of this Policy.
d. Complaints: You may complain about any failure by us to comply with Part IIIA of the Act or the Credit Reporting Code in accordance with the procedure set out in Section 12 “Complaints” below.
7. Disclosure of Personal Information to third parties
FundX may disclose your Personal Information to third parties, for example, without limitation:
a. Required by law: We may disclose your Personal Information if required to do so by law or ifwe, in our sole discretion, believe that disclosure is reasonable:
· to comply with a law, requests or orders from law enforcement, or any legal process (whether or not disclosure is required by applicable law); and
· to protect or defend our or a third party’s rights or property.
b. Direct marketing: We may disclose your Personal Information for direct marketing purposes as outlined in Section 4 “Collecting, holding and using Personal Information” above.
c. Credit reporting bodies: We may disclose your Personal Information including Credit-related Information to credit reporting bodies.
d. Disclosure to overseas recipients: We may disclose your Personal Information including Credit-related Information to third parties located overseas for some of the purposes listed above in Sections 7a to 7c. We may also disclose information to our data hosting and other IT service provides located in Australia. If we disclose any Personal Information or Credit-related Information to third parties located overseas, we take reasonable steps to ensure that the overseas recipients of such information do not breach the privacy obligations relating to that information.
8. Security and data quality
FundX holds Personal Information and Credit-related Information electronically and in hard copy form, both at our premises and with the assistance of our service providers.
We take reasonable steps to ensure that the Personal Information we collect is accurate, up to date and complete. This may include contacting you from time to time to seek updated information or confirmation of the information that we hold.
We use a variety of physical and electronic security measures including restricting physical access to our offices, firewalls and secure databases to keep information secure from misuse interference and loss and from unauthorised access, modification or disclosure. These measures include the use of Secure Socket Layer technology during credit card transactions and administrative access to site data as well as other proprietary measures that are applied to all repositories and transfers of user information.
We will exercise reasonable care in providing secure transmission of information between your computer and our servers. However, as the internet is inherently insecure, we cannot ensure or warrant the security of any information transmitted to us over the internet and accept no liability for any unintentional disclosure.
You may request access to any Personal Information including Credit-related Information that we hold about you at any time by contacting us (see details below at Section 12 “Contact us”). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (e.g., by mailing or emailing it to you). We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making a request and will not charge for making any corrections to your Personal Information.
There may be instances when we cannot grant you access to the Personal Information or Credit-related Information that we hold about you. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality or a breach of law. It that happens, we will give you written reasons for any refusal.
If you believe that any Personal Information or Credit-related Information that FundX holds about you is incorrect, incomplete or inaccurate, then you may request that we amend it. We will consider if the information requires amendment and notify you in writing of our decision.
For any Personal Information that FundX holds about you:
· We will respond to your request for the correction of your Personal Information within a reasonable time (usually within 30 days);
· If we agree to your request, we will promptly correct any Personal Information that we hold about you that we are satisfied is inaccurate, out-of-date, incomplete, irrelevant or misleading; or
· If we do not agree that there are grounds for amendment, then we will not correct your Personal Information. However, you may request then we add a note to the Personal Information stating that you disagree with it.
For any Credit-related Information that FundX holds about you:
· We will respond to your request for the correction of your Credit-related Information within 30 days (or such longer period as we may reasonably request). If we cannot respond to your correction request without consulting with other credit providers or credit reporting bodies in relation to your request, we may do so, and these bodies are permitted by law to assist us in resolving your correction request;
· We will, if we agree to your request, promptly correct any Credit-related Information that we hold about you that we are satisfied is inaccurate, out-of-date, incomplete, irrelevant or misleading. If we do correct your Credit-related Information at your request, we will inform you and each other credit provider and credit reporting body to which we have previously disclosed that information that we have corrected your information. Where we disclosed your Credit-related Information after you made a complaint but before it was resolved, we will tell the recipient that you have made such a complaint and will subsequently inform that entity of the outcome of your correction request; and
· If we have any other reasons for suspecting that the Credit-related Information that we hold about you has become inaccurate, out-of-date, incomplete, irrelevant or misleading, independently correct this information without consulting you. If we do this, we will take reasonable steps to notify that correction to you and to any other entities to which we have previously disclosed that Credit-related Information unless it is impracticable for us to do so.
If you believe that your privacy has been breached, please contact FundX using the contact information set out Section 12 “Contact us” and provide details of the incident so that we can investigate it.
If your complaint relates to our failure to provide access to, or to correct, any Credit-related Information that we hold about you, you may lodge a complaint directly with the Office of the Australian Information Commissioner (for more information, please see http://www.oaic.gov.au).
Otherwise, if you have a complaint in relation to our handling of your Credit-related Information or if your complaint relates to Personal Information, you must first lodge your complaint with us using the details in Section 12 “Contacts” and provide us with details of the incident so that we can investigate it.
FundX will treat your complaint confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
If you are not satisfied with our handling of your complaint or our proposed resolution, you have a right to lodge a further complaint with the Office of the Australian Information Commissioner (for more information, please see http://www.oaic.gov.au). The Office of the Australian Information Commissioner can provide you with further information about the next steps in its complaints process.
12. Contact us
If you have any questions about this Policy, or you want to correct any person Information or Credit-related Information we hold about you, or you have concerns or a complaint regarding the treatment of your Personal Information or Credit-related Information or want to notify us of a possible breach of your privacy, please contact the FundX Privacy Officer as follows:
Phone: 0403 185609
Post: Chief Operating Officer
50 Holt Street
SURRY HILLS NSW 2010
13. Updates to the FundX Privacy and Credit Reporting Policy
FundX may change this Policy from time to time. If we make any material changes we will notify you by email or by means of a notice on this Site. We encourage you to periodically review this page for the latest information on the Policy. When we make changes to the Policy, we will revise the revision date at the top of the Policy.