CDR Policy

Scope

The rules for Open Banking are defined by the Consumer Data Right (CDR) which aims to provide greater choice and control for Australians over how their data is used and disclosed.

In order to access customer banking or energy data, a person must be identifiable, or ‘reasonably identifiable’ and the data requested from the accounts nominated relates to them and is appropriate for that person's use. This includes banking data from a joint account.

Collection of your personal or business data

Planwise AU Pty Ltd T/A UNO Home Loans (UNO) adopts a data minimisation approach and only collects information which is necessary to provide its service.

In this context, data which UNO will access for the duration of the consent is:

• customer and account information,
• bank balances,
• and transactions made to and from the bank account nominated.
  
  

This will occur several times a day in order to supply the most up to date notifications required for the UNO service to be useful as an online mortgage broker.

A consent receipt is provided at the time of providing consent. Both the consent provided, in terms of its scope and duration, and a summary of data retrieved from the nominated bank account are provided in a dashboard available from the mobile app. UNO customers will be able to change the consent provided or communicate any changes via this dashboard.

Classes of CDR data

The following classes of data are held by UNO:

Account Information

• Name of account
• Type of account

Transaction Details

• Incoming & outgoing transactions
• Amounts
• Dates
• Descriptions of transactions
• Who you have sent money to and received money from (e.g. their name, BSB, account number)

Purposes of CDR data

Account information and transaction details are collected by UNO so we can evaluate financial position and living expenses to be able to provide credit assistance (broking) to the client and prepare sets of data and documents for a subsequent mortgage application

Disclosure

To provide a positive consumer experience and ensure consumer control over their data, we do not provide information to third parties to engage in direct marketing. UNO may send information to customers from time to time relating to products and services for marketing purposes.

We do not disclose or use your personal data (including banking data) for commercial purposes.

We do not disclose your personal banking data to any non-accredited or accredited persons, be they in Australia or overseas.

Outsourced service providers

We utilise Wych, a CDR accredited data recipient. Wych develops and maintains the software required for collecting CDR data in alignment with the CDR Rules. Wych meets the most stringent of data security standards.

Our process ultimately requires us to provide copies of the CDR data to a lender for the purposes or a mortgage application. This may be provided in PDF (CDR Statement) or raw data format.

Accessing and correcting your personal information

A user can request correction of their data through the contact us channels listed below.

Sufficient details must be provided in order to assess and correct the data that is incorrect. If notified by phone or email, we will update the consumer dashboard, as soon as practical, with the request and later with the notification of the corrective action if applicable.

Once assessed, notice is given over email and the consumer’s dashboard. The notice sets out what we did in response to the request, any corrective action or comments, and the complaint mechanism available to the consumer if they are not satisfied.

How to contact us

You can contact us by email at any time via:

• privacyofficer@uno.com.au
• customer.care@uno.com.au 

Once we have received your message, we will respond as soon as is practical.

How to make a complaint

If you believe that there has been a breach of the CDR rules by UNO, please submit your CDR consumer data complaint via email to privacyofficer@uno.com.au .

Please include the following information when submitting your complaint.

• Your name;
• Your contact details;
• Your preferred contact method of complainant (phone / email / letter); and,
• The details of your complaint.

A CDR complaint can be made at any time. Once your complaint is received, UNO will acknowledge receipt of the complaint within one (1) business days of being received.

We will investigate your complaint and attempt to provide you with a written response to resolve the complaint, within thirty (30) calendar days of receipt of your complaint.

If your complaint remains unresolved after thirty (30) calendar days, you will be advised in writing that additional time is required to complete the investigation and to provide a response.

When the complaint is resolved, you will receive a ‘final response’ letter within 45 days, informing you of:

1. the final outcome of your complaint or dispute;
2. your right to take their complaint or dispute to External Dispute Resolution; and
3. if you are not satisfied with the response, you may lodge a complaint with the Australian Financial Complaints Authority.
   
   

Online: www.afca.org.au

Email: info@afca.org.au

Phone: 1800 931 678

Mail: Australia Financial Complaints Authority

GPO Box 3

Melbourne, VIC 3001

If your complaint remains outstanding within thirty (30) days, UNO must write to you to:

1. inform you of the reasons for the delay;
2. specify a date when a decision can be reasonably expected;
3. informs your of your right to take your complaint or dispute to an External Dispute Resolution; and
4. if you are not satisfied with our response, you may lodge a complaint with the Australian Financial Complaints Authority.

Online: www.afca.org.au

Email: info@afca.org.au

Phone: 1800 931 678

Mail: Australia Financial Complaints Authority

GPO Box 3

Melbourne, VIC 3001

Events for notifying CDR consumer

UNO does not make a consumer’s data banking data accessible or visible to outside our organisation. UNO employs stringent up to date information security practices.

In the event of a data breach e.g. someone gaining unauthorised access which results in loss of CDR data, UNO would notify a CDR consumer as soon as practical in order for the consumer to take appropriate action if required.

Consequence of withdrawing consent

When you stop sharing data with UNO, then we will stop collecting data from this account. We will also delete any data we previously received from this account. Where we are legally obliged to retain your data we will do this. This applies if we have already provided a recommendation (credit assistance)

Without this data, we will be limited in our ability to provide our services to you.

The detailed impact to your service are as follows:

• We may no longer be able to provide credit assistance to you
• We may require you to provide alternative banking data manually
• The tools we provide you may no longer be available or accurate

Deleting CDR data

You can stop sharing data with us at any time by going to our client platform and clicking on “Open Banking’ which will show you all the 

We will delete all banking data collected under a user’s consent, along with any derived data, within 24 hours of the following events:

• Your consent for access to banking data expires
• You stop sharing data with us before consent expires, or, you request data sharing to stop via the bank holding the account
• You delete your account
• Your bank or other data holder notifies us that you cease to be an eligible consumer with them

When any of these events occur, subject to not requiring that the data is held by Australian law, UNO will delete the users data using a scheduled daily process. The process deletes all bank data for the accounts for which consent was held. This includes data derived from the banking data obtained.

Availability of policy

This policy is available on our website www.unohomeloans.com.au/pages/open-banking-policy

‍