MEDX PRIVACY POLICY
In this Privacy Policy, we use the terms “We”, “Us” and “Our” to refer to any entity that forms part of the MedX Group, including MedX Finance (Operations) Pty Ltd (ACN 662 078 220), MedX Finance Pty Ltd (ACN 662 078 622) and each of their licensees.
PURPOSE OF THIS PRIVACY POLICY
Your privacy and maintaining the confidentiality of your personal information is important to Us. We are committed to maintaining the security of personal information provided to Us by individuals who access and use Our services.
The purpose of this privacy policy (Privacy Policy) is to set out how We collect, store, use and disclose personal information (including credit information and credit eligibility information (Credit-related Information)) and what steps We take to comply with the Privacy Act 1988 (Cth) and its amendments (Privacy Act) and other relevant laws.
We are bound by the Privacy Act including Division 3 of Part IIIA and the Australian Privacy Principles contained in the Privacy Act as well as the Privacy (Credit Reporting) Code 2014 (CR Code) and are committed to protecting the personal information and Credit-related Information We may hold at any time in respect of any individual, in accordance with those requirements.
Your continued use of Our services will be regarded as your acceptance of Our Privacy Policy. By continuing to use Our services, you acknowledge and agree that We may collect, hold and share personal information about you as described in this Privacy Policy.
WHY WE COLLECT PERSONAL INFORMATION
Our business is to understand and meet Our customers’ needs over their lifetime for a wide range of financial and other services. To do this effectively, We need to understand your personal and financial circumstances, which in turn requires Us to collect your personal information.
We only collect, hold and use personal information (including Credit-related Information) about you which is reasonably necessary for Us to conduct our business activities and provide Our services to you or to comply with the law. The purposes for which We will generally collect and use your information include:
Considering any application you make to Us for finance and managing that finance;
Establishing your identity;
Providing Our services to you;
Assessing your eligibility for credit-related products;
Performing administrative functions;
Telling you about Our other products and services;
Direct marketing and managing Our relationship with you; and
To comply with any associated legal or regulatory obligations.
TYPES OF PERSONAL INFORMATION WE COLLECT
The types of personal information We may ask you to provide to Us includes but is not limited to:
Personal and contact details such as your name, telephone number, email address, residential or postal address and date of birth;
Documentary evidence to verify your identity;
Financial details such as your income, expenses, assets and financial liabilities;
Your employment details;
Credit-related Information; and
Online website usage data.
Sensitive information is a subcategory of personal information which includes information relating to your racial or ethnic origin, political and religious beliefs and your health. We will only collect and hold sensitive information about you with your consent, and only if We consider it reasonably necessary for, or directly related to, one of Our functions or services.
Credit-related Information
Credit-related Information is information which is used to assess your eligibility to be provided with finance. Credit information includes your identity: the type, terms and maximum amount of credit provided to you, including when that credit was provided and when it was repaid; repayment history information; details of any serious credit infringements; court proceedings information and personal insolvency information. Credit eligibility information is credit reporting information supplied to Us by a credit reporting body (CRB) and any information We derive from it. Usually, Credit-related Information is exchanged between credit and finance providers and CRBs.
HOW WE COLLECT PERSONAL INFORMATION
In so far as possible, We collect personal information and Credit-related Information directly from you, verbally or in writing (including via application forms or through your ongoing interaction with Us for example by telephone, mail or electronic communication or when you make a transaction).
There may be instances where personal information about you will be collected indirectly from a third party. These third parties may include other credit providers or financial institutions, your representatives such as financial advisers, accountants, lawyers, insurers, brokers, government agencies and CRBs.
From time to time, We may receive information that We have not asked about you from third parties. We will only keep, use and disclose this information as permitted by law.
We may also collect your personal information by using electronic verification services or searching publicly available sources of information such as public registers. Any information collected from publicly available sources will be protected in the same way as the information you voluntarily disclose.
If you provide personal information to Us about someone else, you must ensure that you are entitled to disclose that information to Us, that the other person has consented to you providing Us with the information, and that We can collect, use and disclose that information as set out in this Privacy Policy without having to take any further steps required under law (such as obtaining consent directly from that person). This means that if you provide Us with personal information about someone else, you must make sure that the individual concerned understands the matters set out in this Privacy Policy and has provided their consent to be bound by this Privacy Policy.
DISCLOSURE OF PERSONAL INFORMATION
To enable Us to maintain a successful relationship with you, We may disclose your personal information to other organisations that provide products or services used or marketed by Us.
We may disclose your personal information:
To members of the MedX Group, including each of the companies listed in this Privacy Policy as “We”, “Us” and “Our”;
To other organisations that are involved in managing or administering Our services;
To regulatory bodies and government agencies;
To any person or entity who represents you including financial consultants, accountants, lawyers, mortgage brokers, persons holding power of attorney, guardians and advisers;
To anyone or any organisation, where you have provided Us consent; and
Where We are required to do so by law.
We will disclose your personal information only for the purpose/s for which we collected the personal information.
Prior to disclosing any of your personal information to another person or organisation, We will take reasonable steps to satisfy Ourselves that:
The person or organisation to which We disclose personal information has a commitment to protecting your personal information at least equal to Our commitment; or, if required,
You have consented to Us doing so.
STORAGE OF PERSONAL INFORMATION
We hold personal information in a combination of secure computer storage facilities and paper-based files. From time to time, personal information may be held on or within systems internal or external to Us including public and private clouds and We will take reasonable steps to protect the personal information We hold from misuse, loss, unauthorised access, modification or disclosure, including by:
Using appropriate information technology and processes;
Restricting access to your personal information to Our employees and ensuring those who perform services to or for Us who need your personal information do what We have engaged them to do;
Protecting paper documents from unauthorised access or use through security systems We deploy over Our physical premises;
Using computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files; and
Securely destroying or “de-identifying” personal information if We no longer require it subject to Our legal obligations to keep some information for certain prescribed periods.
Whilst We take reasonable measures, no data transmission over the internet can be guaranteed as fully secure and accordingly We cannot guarantee or warrant the security of any information you send to Us using Our online forms or products. You submit information over the internet at your own risk.
NOTIFIABLE MATTERS
The law requires Us to advise you of ‘notifiable matters’ in relation to how We may use your Credit-related information.
We exchange your Credit-related information with CRBs and use this information to confirm your identity, assess your credit worthiness, assess your application for finance or your capacity to be a guarantor and manage your finance. The CRB may provide the information that We report about you to other credit providers to assist them to assess your credit worthiness. We may also obtain information that other credit providers have provided to the CRB to use in Our assessment of your credit worthiness.
The information We can exchange includes your identification details, what type of loans you have, how much you have borrowed, whether or not you have met your loan payment obligations and if you have committed a serious credit infringement (such as fraud).
If you fail to meet your payment obligations in relation to any finance that We have arranged or you have committed a serious credit infringement, We may disclose this information to a CRB.
You have the right to request access to the Credit-related information that We hold about you and make a request for Us to correct that Credit-related information if needed. Please see the section headed “Accessing and correcting personal and Credit-related Information” below.
Sometimes your Credit-related Information will be used by CRBs for the purposes of ‘pre-screening’ credit offers on the request of other credit providers. You can contact the CRB at any time to request that your Credit-related information is not used in this way.
You may contact the CRB to advise them that you believe that you may have been a victim of fraud. For a period of 21 days after the CRB receives your notification that you have (or may have) been a victim of fraud, the CRB must not use or disclose that Credit-related Information. You can contact any of the following CRBs for more information:
Equifax.com.au
Illion.com.au
Experian.com.au
USE OF COOKIES
Our website uses “cookies” and similar online behavioural tracking techniques to help analyse how people use Our website. A cookie is a small text file placed on your computer by a web server when you access a website. Information generated by the cookie about uses of the website is then used to compile statistical reports on website activity by Us, helping improve the overall experience for users.
Cookies are designed to identify devices rather than individual users. We may, however, use them to help personalise your visit to Our website by linking the cookie on your device to your personal data stored on Our system.
If personal information about you is collected by third parties on any website you have accessed through Our website, We may also collect or have access to that information as part of Our arrangement with those third parties.
You may choose if and how to accept cookies by configuring the preferences and options in your web browser. However, if you choose to disable cookies, you may not be able to access some parts of Our website.
EXCHANGE OF INFORMATION WITH OVERSEAS PARTIES
There may be instances where your personal information is disclosed to Our associated entities or providers located in other overseas jurisdictions. The overseas jurisdictions that your personal information is subject to from cross border disclosure may change from time to time.
Where We disclose your personal information to an overseas recipient, We will take reasonable steps to protect your personal information and ensure that appropriate data handling and security arrangements are in place.
DIRECT MARKETING
We may use information collected from or about you for the purpose of providing you with current information about finance offers you may find of interest, changes to Our organisation, or new products or services being offered by Us or any company with whom We are associated.
If you wish to opt-out of receiving direct marketing communications from Us, please contact Us directly using Our details provided at the end of this Privacy Policy. If the direct marketing is sent by email you may also use the unsubscribe function. If You wish to opt-out of receiving direct marketing communications from third party organisations to whom We have disclosed your personal information, you may make a separate request to that organisation.
BUSINESS WITHOUT IDENTIFYING YOU
In most circumstances, it will be necessary for Us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, We will offer you the opportunity of doing business with Us without providing Us with personal information, for example, if you make general inquiries about interest rates or current promotional offers.
NOTIFIABLE DATA BREACHES
Despite every effort to protect your personal information, there is always a possibility that a breach of Our security may occur. We are required to notify you and the Office of the Australian Information Commissioner (OAIC) where there is a data breach that will likely result in serious harm to you. If We believe there has been a data breach that impacts your personal information and creates a likely risk of serious harm, We will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps We are taking and what you can do to reduce the impacts to your privacy.
If at any time you believe your personal information which We hold has been the subject of a data breach, please contact Us immediately using the contact details provided at the end of this Privacy Policy.
ACCESSING AND CORRECTING PERSONAL AND CREDIT-RELATED INFORMATION
We take reasonable steps to ensure the personal and Credit-related Information We hold about you is accurate, complete and up to date.
If you would like to request access to, or correction of, your personal or Credit-related Information, you can contact Us using the contact details provided at the end of this Privacy Policy. If any of the personal or Credit-related Information We hold about you is incorrect, inaccurate or out of date you may request that We correct the information. If appropriate We will correct the personal or Credit-related Information. Your request will be dealt with within a reasonable time and if We refuse to provide you with access to, or correct, the information, We will notify you of reasons for the refusal to the extent required and how you may complain about the refusal.
We may need to consult with other entities as part of Our investigation.
COMPLAINTS AND FURTHER QUESTIONS
If you have any questions, feedback or concerns about this Privacy Policy or about Our dealings with your personal information, including Our compliance with the Privacy Act and the CR Code you may contact Us at any time using the contact details provided at the end of this Privacy Policy. We will endeavour to acknowledge your request as soon as possible and provide you with a decision on your complaint as soon as reasonably practicable.
We will investigate your concerns and manage your complaint directly with you. If you are not satisfied with the outcome received, you may refer your complaint to the OAIC who can be contacted at either www.oaic.gov.au or by telephone on 1300 363 992.
CHANGES TO THIS PRIVACY POLICY
We reserve the right to change this Privacy Policy from time to time at Our sole discretion. If We do so, We will post the updated version on Our website and it will apply to the personal information held by Us.
This Privacy Policy came into operation on 29th July 2023 and was last updated on July 2023
OUR CONTACT DETAILS
Email: Info@medxfinance.com.au
Mail: PO Box 600 Mooloolaba QLD 4557