Our commitment to you
We understand how important it is to protect your personal information. This policy explains how your personal information will be treated, including when you access and interact with this website. A reference to ‘this website’ or ‘our website’ includes any websites operated by or on behalf of uno, including any microsites and mobile websites. This policy also includes our credit reporting policy, that is, it covers additional information on how we manage your credit-related information. These terms are explained below.
Our commitment in respect of protecting your privacy is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Cth), the Notifiable Data Breach scheme established under the Act and any other relevant law. In compliance with the Credit Reporting Code of Conduct that is issued under the Privacy Act, this document also contains a statement of ‘notifiable matters’. This is further explained below.
We review this policy periodically and we will amend our policy as the need arises, such as to reflect emerging legislative and technological developments, industry practice and market expectations. We will let you know of any changes to this policy by informing you via our website.
Uno operates through Planwise AU Pty Ltd (ACN 609 882 804) (uno), the holder of Australian Credit Licence 483595. Among other things, uno provides Australian customers with credit assistance into consumer credit loans. In this document, ‘uno’ ‘we’, ‘us’ and ‘our’ are references to uno and any related bodies corporate.
Your personal information and credit-related information
When we refer to personal information, we mean information or an opinion from which your identity is apparent or can reasonably be ascertained. This information may include information or an opinion about you that we collect and hold throughout the course of our relationship, and from persons you have nominated to supply information. The personal information we collect and hold about you may include:
- identification information – this includes your name, address, contact details and date of birth used to identify you, and used to protect against fraud and unlawful activity;
- financial information – this is information required for making credit-related decisions, such as credit reports from credit reporting bodies (CRBs), bank account information including those relating to your income and expenses, assets and liabilities, credit and loan repayment history, past and present credit types, employment information, court proceedings, insolvency and default information;
- sensitive information – this is any information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information; generally, we will only collect sensitive information if it is reasonably necessary for one or more of our functions or activities, and you have consented to us doing so;
- credit information – this includes information that identifies you, about the amount you have borrowed, about repayments and defaults; and
- credit eligibility information – this is your credit reporting information produced by and supplied to us by a CRB, and any information that we derive from it.
Collectively, we refer to credit information and credit eligibility information as ‘credit-related information’. We use your credit-related information to assess your eligibility to be provided with finance, and this information may influence credit that has been provided to you or that you have applied for. This includes personal credit and business credit. It can also cover information about you as a guarantor of a loan. Usually, credit-related information is exchanged between credit and finance providers and CRBs.
CRBs and your personal information –‘notifiable matters’
The law requires us to advise you of ‘notifiable matters’ in relation to how we may use your credit-related information. You may request to have these notifiable matters (and this policy) provided to you in an alternative form, such as a hard copy.
We exchange your credit-related information with CRBs. We use the credit-related information that we exchange with the CRBs to confirm your identity, assess your creditworthiness, assess your application for finance or your capacity to be a guarantor, and manage your finance. We may obtain a credit report or provide other credit providers credit-related information to assist the assessment of your credit worthiness. If you fail to meet your payment obligations in relation to any finance that we have provided or arranged, or you have committed a serious credit infringement, we may disclose this information to a CRB.
You have the right to request access to the credit information that we hold about you and make a request for us to correct that credit-related information, if needed. We explain how you can do this below.
Sometimes, your credit-related information will be used by CRBs for ‘pre-screening’ credit offers on the request of other credit providers. You can contact the CRB at any time to request that your credit-related information is not used in this way.
You may contact the CRB to advise them that you believe that you may have been a victim of fraud. For 21 days after the CRB receives your notification, the CRB must not use or disclose that credit information. You can contact any of the following CRBs for more information:
- Equifax Australia – www.mycreditfile.com.au, (13 83 32)
- illion Australia Pty Limited – www.checkyourcredit.com.au, (13 23 33)
- Experian Australia Credit Services Pty Limited – www.experian.com.au
How we collect personal information
We collect personal information in a number of ways, including:
- directly from you, for example, when you provide information by phone, in application forms or other agreements, or when you use our website or submit your personal details through any of our online platforms;
- by electronic means – this occurs through electronic records created when you use our website, tablet or mobile applications, for example information about your location or activity including the date and time of visits, which pages are viewed, how you as the user navigate through the website and interact with the webpages (including fields completed in form and applications), IP address, telephone number, information about the device used to visit our website and whether you have accessed third party sites (see below for more information);
- from joint applicants to your home loan, for example where one applicant has entered information into the app on behalf of all applicants and it is therefore unreasonable or impractical for us to also collect that information directly from you;
- from third parties such as providers of survey, competition or marketing related services, related companies, CRBs or your representatives. If we obtained your information through any of these methods and you would like a list of these entities or websites, or if you feel you have not given us consent to use your details, please contact us (see ‘How to contact us’ at the end of this policy);
- from publicly available sources of information;
- from CRBs or credit providers;
- from the organisations and entities identified under ‘When we disclose your personal information’;
- from Facebook and Google so that you can login to uno using your existing login details with them, and for us to provide you with a more personalised experience when you use our website and app; and/or
- when legally required to do so – for example, in the provision of specific credit services.
If you choose not to provide certain personal information (e.g. your date of birth), we may not be able to provide you with the products and services you require or the level of service we aim to offer.
You may need to provide personal information about other individuals to us (e.g. about your authorised representatives or joint applicants). If so, we rely on you to inform those individuals that you are providing their personal information to us and to advise them that we can be contacted for further information (see ‘How to contact us’ at the end of this policy)..
How we use your personal information
We collect, use and exchange your personal information so that we can:
- verify your identity;
- assist you to gain approval or provision of a product or service;
- provide the products and services you require;
- administer and manage (including the on-going management of) those products and services such as matters relating to making payments;
- manage our risks and help identify and investigate illegal activity;
- contact you, for example, if we suspect fraud or need to tell you something important;
- inform you of ways the products and services provided to you could be improved or additional products or services that you may benefit from;
- promote and market products or services (explained below);
- conduct appropriate checks for credit-worthiness and for fraud;
- research and develop our products or services provided, either directly or referred;
- manage our business activities, including those that relate to generating new business, either directly or referred;
- help us manage our relationship with you, including, for example, dealing with any feedback, disputes or enquiries;
- conduct and improve our businesses and improve the customer experience;
- comply with our legal obligations and assist government and law enforcement agencies or regulators;
- complete and provide internal and external reports and manage reporting and compliance related matters; and/or
- gain an understanding of your information and credit or financial needs (such as by way of sending you a survey to conduct some research) in order for us to provide you with a better service.
We base some things on the information we get from CRBs, such as:
- our summaries of what the CRBs tell us; and
- credit scores. A credit score is a calculation that lets us know how likely a credit applicant will repay credit we may make available to them.
We may use credit-related information to assess your eligibility for credit or to become a guarantor, assist you to manage your repayment obligations, administer failures to repay, assess repayment variations, perform other credit maintenance activities in connection with your credit, comply with our regulatory obligations, prevent fraud, and similar. We may also collect, use and exchange your personal information in other ways where permitted by law.
When we disclose your personal information
We will not sell your information to any party outside of uno and any related bodies corporate. In order to deliver the products or services you require, we may disclose your personal information to organisations outside of uno and any related bodies corporate. Your personal information is disclosed to these organisations only in relation to us providing our products and services to you.
We use external organisations to carry out or handle our:
- leads generation;
- customer enquiries and relationship management;
- mailing operations;
- billing and debt-recovery functions;
- information technology services;
- marketing and telemarketing;
- market research;
- website usage analysis; and/or
- other business needs from time to time.
This means we disclose your personal information (such as name and address) to them. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
In addition, we may disclose your personal information to:
- anybody who represents you, such as real estate agents involved in the sale or purchase of your property, and your finance brokers, lawyers and accountants;
- your employer, referees or identity verification services;
- any person who proposes to guarantee or has guaranteed repayment of any credit provided by you or any joint borrowers;
- CRBs (see ‘Sharing with CRBs’ below);
- fraud-checking agencies;
- credit providers (for credit related purposes such as credit-worthiness, credit rating, credit provision and financing);
- Australian Banks, non-bank lenders and providers of credit, financial or insurance services;
- our related bodies corporate;
- our professional advisers, including our accountants, auditors and lawyers;
- investors, agents, advisers, organisations who generate business for us, or any entity that has an interest in our business;
- other comparison sites, mortgage brokers or providers of investment, financial or credit where it is legal for us to do so;
- government and regulatory authorities and other organisations under which we are governed (such as ASIC and AUSTRAC) and other bodies as required or authorised by law (such as the ATO and in accordance with the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth));
- organisations who manage our business, marketing and corporate strategies;
- associated businesses that may want to market products to you;
- any industry body, tribunal, court or otherwise in connection with any complaint, dispute or litigation regarding your loan;
- from Facebook and Google so that you can login to uno using your existing login details with them and for us to provide you with a more personalised experience when you use our website and app; and/or
- anyone, where you have provided us consent.
We may also disclose your personal information in other ways where permitted by law, such as if a crime is committed and disclosure to a law enforcement body may be justified.
Some of the above external organisations and entities may be located or operate outside of Australia and in particular we may exchange your personal information with third parties that operate in Germany and USA.
We may verify your identity using information held by a CRB. To do this, we may disclose personal information such as your name, date of birth and address to the CRB to obtain an assessment of whether that personal information matches information held by the CRB. The CRB may give us a report on that assessment and to do so may use personal information about you and other individuals in their files. Alternative means of verifying your identity are available on request. If we are unable to verify our identity using information held by a CRB, we will provide you with a notice to this effect and give you the opportunity to contact the CRB to update your information held by them.
Transfer of information overseas
We currently run our business in Australia, but this may be expanded to other countries and overseas. We will provide a list of these countries by updating this document.
We may need to share some of your information (including credit-related information) with organisations outside Australia, including Germany and the USA. You may obtain more information about these entities by contacting us. Where we do this, we make sure appropriate data handling and security arrangements are in place. You should note that, while they will often be subject to confidentiality or privacy obligations, they may not always follow the particular requirements of Australian privacy laws. Overseas organisations may be required to disclose information we share with them under a foreign law. In those instances, we will not be responsible for that disclosure.
As mentioned above, we may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it is not always practicable to know in which country your information may be held.
We will not share any of your credit-related information with a CRB unless it has a business operation in Australia. We are not likely to share credit-related information we obtain about you from a CRB or that we derive from that information.
Sometimes people share information (including sensitive information) with us we have not sought out. This could be through using our website or, for example, requesting us to assess or assist in a hardship application. If we receive unsolicited personal information (including sensitive information) about you, we will determine whether we would have been permitted to collect that information. If yes, then we will handle this information the same way we do with other information that we seek from you. If no and the information is not contained in a Commonwealth record, then we will destroy or de-identify it as soon as practicable, but only if it is lawful and reasonable to do so. Often, it is not possible for us to neatly unbundle this information then destroy or de-identify only certain sections or parts of it and we may need to store this information for future use, such as to help resolve disputes between us or assess future applications by you. We have many security safeguards in place to protect the information from interference, misuse, loss, unauthorised access, modification or disclosure.
Sharing with CRBs
We may disclose information about you to a CRB when you are applying for credit, you have obtained credit from us or if you guarantee or are considering guaranteeing the obligations of another person to us. When we give your information to a CRB, it may be included in reports that the CRB gives other organisations (such as other lenders) to help them assess your credit-worthiness.
Some of that information may reflect adversely on your credit-worthiness, for example, if you fail to make payments or if you commit a serious credit infringement (like obtaining credit by fraud). That sort of information may affect your ability to get credit from other lenders.
As explained above, we collect personal information so we can promote and market products and services to you. This is to keep you informed of products, services and special offers and this may continue after you cease holding an active product or service through us. If you do not wish for this to take place or continue, please contact us (see ‘How to contact us’ at the end of this policy).
We may use or disclose your personal information to let you know about products and services from us and our agents, business partners and affiliates that might better serve your financial, lifestyle and other needs or running competitions or promotions and other opportunities in which you may be interested. This includes what some may refer to as ‘cross-selling’, being suggesting a related or complementary product or service to you.
We may conduct these marketing activities by phone or direct mail, or via email, SMS, iM or any other electronic means. We may also market our products and services to you through third party channels (such as social networking sites). We will always let you know that you can opt out from receiving marketing offers.
We may disclose your personal information to third parties such as brokers or agents or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time.
Third party marketing service providers may combine the personal information we disclose to them with information they already hold about you in order to provide you with more relevant advertising about our or their products and services.
We will not use or disclose sensitive information about you for direct marketing purposes unless you have consented to that kind of use or disclosure.
Where we market to prospective customers, we are happy to let them know how we obtained their information and will provide easy to follow opt-outs.
IP address, cookies and web beacons
Your internet protocol address (or ‘IP address’) is the numerical identifier for your device when you are using the internet. It may be necessary for us to collect your IP address for your interaction with some parts of our website.
You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.
A web beacon is typically a transparent graphic image invisible to the user that is placed on a website. The use of a web beacon allows the website to record the simple actions of the user (such as opening the page that contains the beacon) through a tracking pixel.
We may use web beacons (and cookies) for purposes such as site usage analytics, advertising auditing and reporting, as well as content and ‘advertising/marketing personalisation’. We may share any data collected from web beacon (and cookies) with third parties to provide you with relevant advertising when browsing Third Party Websites.
Information from third parties
Our website may contain links to Third Party Websites (e.g. third party providers of goods and services). If you accessed Third Party Websites through our website and, if those third parties collect information about you, we may also collect or have access to that information as part of our arrangements with those third parties.
Where you access a Third Party Website from our website, cookie and web beacon information, information about your preferences or other information you have provided about yourself may be shared between us and the third party.
Advertising and tracking
When you access our website after viewing one of our advertisements on a Third Party Website, the advertising company may collect information on how you utilise our website (e.g. which pages you view) and whether you commenced or completed an online application.
When you send a completed online application to us, we retain the information contained in that application. We are able to then use that information to provide any products and services that you require.
You may also be able to suspend and save online applications, so you can complete and send the applications at a later time. If you suspend or save your application, the information that you have entered will be retained in our systems so that you may recover the information when you resume your application. Online applications that have been suspended or saved may be viewed by us. In particular, if you start but do not submit an online application, we can contact you using any of the contact details you have supplied to offer help completing it.
We take all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date.
However, the accuracy of that information depends to a large extent on the information you or others provided to us.
In accepting and consenting to this policy, you acknowledge that, if you knowingly provide information that is not true, correct or complete, it may affect your ability to secure finance, adversely affect your credit rating and/or may result in action against you.
If you do not provide us with this consent or give us accurate information, your application cannot be submitted to our suppliers for consideration.
Update and access of personal information (including credit-related information)
If you wish to make any changes to your personal information, please contact us. We will generally rely on you to assist us in informing us if the information we hold about you is inaccurate or incomplete.
If appropriate, we will correct the personal information at the time of the request, otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected the personal information within 30 days. Please note that we may need to consult with other entities as part of our investigation.
If we refuse to correct personal information, we will provide you with our reasons for not correcting the information.
You may request access to the personal information we hold about you by contacting us. We may need to contact other entities to properly investigate your request. We will respond to your request within a reasonable period, usually in 30 days. We will give access in the manner you have requested if it is reasonable to do so. We may charge you a fee to access the information. The fee will not be excessive and will not apply to the making of the request.
We may deny you access to your personal information in certain circumstances, for example, if required or authorised by or under an Australian law or a court/tribunal order, or it would be likely to prejudice enforcement related activities by an enforcement body. In relation to credit eligibility information, the exceptions may differ.
If we decide not to give you access, we will provide reasons for the refusal (except where it would be unreasonable to do so) and information on how you can complain about the refusal. If we refuse your request to correct your personal information, you have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.
Storage and security of personal information
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss and from unauthorised access, modification or disclosure.
Some of the ways we do this are:
- confidentiality requirements of our employees;
- document storage security policies;
- security measures for access to our systems;
- only giving access to personal information to a person who is verified to be able to receive that information;
- control of access to our buildings; and
- electronic security systems, such as firewalls and data encryption on our website.
- We take protecting the security of your personal information seriously. We have a response plan that is designated to enable us to contain, assess and respond to suspected data breaches in a timely fashion and to help mitigate potential harm to affected individuals.We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from anywhere via an internet connection, it is not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed here or those we referred to from time.In addition to the above, we also regularly review developments in security and encryption technologies. However, it is important to remember that the use of email and the internet may not always be secure, even with these safeguards in place.When we no longer require your information and we are legally permitted to, we take reasonable steps to destroy or de-identify the information. However, sometimes it is impossible or impractical to completely isolate the information then completely remove all traces of the information and we may store the information for future use, such as to help resolve disputes between us or assess future applications by you. The same security safeguards will be in place to protect the information, as detailed in this policy.
Business without identifying you
In most circumstances, it will be necessary for us to identify you in order to successfully do business with you. However, where it is lawful and practicable to do so, we will provide you with the option to remain anonymous or to use a pseudonym, for example, when you make general inquiries about our business or current promotional offers.
We do not adopt a government related identifier (such as your tax file number or your driver’s licence number) as a means of identifying you.
How to contact us
You may contact us during AEST business hours by telephone by calling 133 UNO (133 866), via post at Level 1, 10-14 Waterloo Street, Surry Hills NSW 2010, or by email at firstname.lastname@example.org
Complaints and further information
If you have a complaint about how we handle your personal information, we want to hear from you. You are always welcome to contact us.
You can let us know about your complaint or feedback by contacting us at:
The Privacy Officer
uno Home Loans
Level 1, 10-14 Waterloo Street, Surry Hills NSW 2010
Telephone: 133 UNO (133 866)
By giving us as much information as possible, you will help us resolve things faster. And, if you have any supporting documentation, please have it handy when you raise your concern. We will acknowledge your complaint within seven days and aim to resolve the complaint as quickly as possible. We will provide you with a decision on your complaint within 30 days, and may ask you for further information. We aim to resolve your concerns in a fair and efficient manner. If you are unsatisfied with our response, you may complain to our external dispute resolution scheme, the Australian Financial Complaints Authority (AFCA). AFCA provides fair and independent financial services complaint resolution that is free to consumers.
Website: www.afca.org.au Email: email@example.com
Telephone: 1800 931 678 (free call)
In writing to: Australian Financial Complaints Authority, GPO Box 3, Melbourne VIC 3001.
You may also make a complaint to the OAIC which can be contacted on either www.oaic.gov.au or 1300 363 992.
You may request further information about the way we manage your personal information by contacting us.
By providing your email address and then clicking submit on any online application, calculator, tool or query, you consent to receiving notices and other documents from us by email to the email address provided, and you understand that if you give this consent:
- we may no longer send you paper copies of notices and other documents;
- you should regularly check your email address for documents, including the spam folder, as an email will be deemed received once it enters your computer system; and
- you may withdraw your consent to receiving documents by email at any time by contacting us.
- You also confirm that you have the facilities to print and save any notice or document that we send you by email, if desired.