This document sets out our policy on the management of personal information which we have about individuals. Those individuals include clients to whom we may provide or may have provided services and the debtors of our clients.
Our privacy assurance to you
Your privacy is and will always be important to us. As our client or debtor of our client we respect your right to be aware of who has information about you, what they are doing with it and why, and who else they are sharing it with. We have adopted a privacy compliance culture that cements this relationship with you. Its foundation is the Privacy Act 1988 (as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012) and the Privacy Regulation 2013.
- the kinds of personal information we collect and hold;
- how we collect the personal information;
- the purposes for which we collect, hold, use and disclose the personal information;
- how an individual may access personal information about the individual that we hold and seek the correction of that information;
- how an individual may complain about a breach of the Australian Privacy Principles; and
- whether we are likely to disclose the personal information to overseas recipients and the countries where those recipients are likely to be located.
The kinds of personal information we collect and hold
Personal information is information about an identified individual or an individual who is reasonably identified. We collect and hold personal information about individuals who are clients or who are debtors of our clients. This information includes:
- identification information such as the individual’s name, date of birth, marital status and contact details (including address, phone number and email address);
- financial or credit information on debtors as provided by our clients;
- any other information that we consider necessary to provide our services.
The personal information collected may include sensitive information such as health information and memberships of professional or trade associations, which is protected under the Privacy Act 1988. We will only collect sensitive information from you with your consent, except where otherwise permitted by law.
How we collect personal information
We collect personal information about individuals in a variety of ways. For example, we may obtain the information from the individual or from persons acting on the individual’s behalf. When it is possible and practical we will collect the information direct from the individual. When it is not practical or reasonable to do so we will collect the information from a third party. The third party could be an authorised representative (such as a broker, agent, or contractor), a related body, a referee, an employer or a government body. We may also collect information based on the individual’s interactions with us. When the individual is a debtor or an associate we may obtain the information from our client.
How we hold personal information
We take all reasonable steps to ensure that an individual’s personal information which we hold is protected from misuse, interference or loss and from unauthorised access, modification or disclosure. We do this by having physical, electronic and procedural safeguards which protect the personal information we hold. For example, the personal information is stored in secure office premises or in secure archiving facilities. Logins and passwords are required to access our electronic databases. Our staff are required to maintain the confidentiality of personal information and access to personal information is restricted to persons who require the information to perform their duties. Where practical, we only keep personal information for as long as is required to meet our legal requirements or internal needs.
The purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information on individuals for purposes required or permitted by law and which are reasonably necessary for our business activities. Those purposes include:
- the purpose for which the personal information was initially collected (including sharing with related entities) including the provision of information and our services to you;
- a purpose related to the initial purpose of collection if that other purpose would be within the individual’s reasonable expectations (or the individual’s consent is first obtained);
- marketing purposes;
- to deal with complaints:
- to meet our legal and regulatory requirements;
- to assist with a confidential alternative dispute resolution process.
We collect, hold, use and disclose personal information so that we can manage and administer the services which we provide. To provide our services in the most cost effective and efficient way we may decide to utilise the services of others. For example, we may provide the personal information of individuals to legal advisors to undertake recovery action, send correspondence or provide advice. In this instance we will require those other persons to respect your right of privacy. Personal information may also be used or disclosed to tell an individual about products or services that may be of interest to that individual. If the individual does not want his or her personal information used for these direct marketing purposes the individual can “opt-out” by sending an email to firstname.lastname@example.org or by writing to us at:
Privacy Contact Officer
Name: Tom Torpy
How an individual may access personal information
An individual may access personal information about the individual which we hold. The individual can obtain that access by contacting our privacy contact officer as follows:
|Telephone:||1300 306 619|
|Mail:||GPO Box 1900, Melbourne, VIC 3001|
We will need to verify the individual’s identity before giving access. We will usually provide the requested personal information within 30 days of receiving the request. There is no charge to make a request but we may levy an administration fee for providing access. If there is a reason why we do not make the requested personal information available we will provide our reason in writing. Such circumstances may include:
- access would create a serious threat to safety;
- providing access will have an unreasonable impact upon the privacy of other individuals;
- denying access is required or authorised by law;
- the request is frivolous;
- legal proceedings are underway;
- negotiations may be prejudiced by such access;
- access would reveal a commercially sensitive decision-making process.
How an individual may seek the correction of personal information
If an individual considers that any personal information which we hold about the individual is incorrect in any way the individual may ask us to correct that personal information. To seek the correction, please contact our Privacy Contact Officer on the telephone number or at the email or postal address above. In certain situations we may decide not to agree to a request to correct personal information. We will tell you in writing why we have not agreed to the correction request.
How an individual may complain and how we will deal with the complaint
We have an internal dispute resolution system that covers complaints. If an individual considers that we have failed to comply with Division 3 of Part IIIA of the Privacy Act 1988 or the Australian Privacy Principles he or she should contact our Privacy Contact Officer on the telephone number or at the email or postal address above. We will then follow our internal dispute resolution system. We will acknowledge the complaint within 7 days. A decision will be made and advised within 30 days or a longer period as may be agreed with the individual. If the individual is not satisfied with the decision he or she may make a complaint to the Office of the Australian Information Commissioner (the “OAIC”). The contact details for the OAIC are:
|Telephone:||1300 363 992|
|Facsimile:||(02) 9284 9666|
|Mail:||The Office of the Australian Information Commissioner|
|GPO Box 5218|
|SYDNEY NSW 2001|
Disclosure of personal information to overseas recipients
Generally, we will retain your personal information within Australia, and it is not likely that we will use or disclose it overseas. In the unlikely event that the information may need to be transferred overseas in order to perform one of our functions or activities, we will either obtain your express or implied consent or will use our best endeavours to ensure that your personal information will receive protection similar to that which it would have if the information were in Australia.
“client” means a person (such as a company, sole trader or partnership) to whom we have provided debt collection or recovery services;
“we”, “us” and “our” means each of Professional Recovery Services Pty Ltd ACN 159 237 019, Professional Recovery Services Aust Pty Ltd ACN 615 007 362 and their related body corporates under the Corporations Act 2001 (Cth); and