Our commitment to you
We understand how important it is to protect your personal information. This policy explains how your personal information will be treated, including when you access and interact with this website. A reference to ‘this website’ or ‘our website’ includes any websites operated by or on behalf of uno, including any microsites and mobile websites. This policy also includes our credit reporting policy, that is, it covers additional information on how we manage your personal information collected in connection with a credit application or a credit facility. We refer to this credit-related information below as credit information.
Our commitment in respect of protecting your privacy is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Cth) and any other relevant law. In compliance with the Credit Reporting Code of Conduct that is issued under the Privacy Act, this document also contains a statement of ‘notifiable matters’. This is further explained below.
We review this policy periodically and we will amend our policy as the need arises, such as to reflect emerging legislative and technological developments, industry practice and market expectations. We will let you know of any changes to this policy by informing you via our website.
Uno operates through Planwise AU Pty Ltd (ACN 609 882 804) (uno), the holder of Australian Credit Licence 483595. Among other things, uno provides Australian customers with credit assistance into consumer credit loans. In this document, ‘uno’ ‘we’, ‘us’ and ‘our’ are references to uno and any related bodies corporate.
Your personal information
When we refer to personal information, we mean information or an opinion from which your identity is apparent or can reasonably be ascertained. The personal information we hold about you may also include credit information.
Credit information is a sub-set of personal information, and it is information that is used to assess your eligibility to be provided with finance. It may include any finance that you have outstanding, your repayment history in respect of those loans, and any defaults. Usually, credit information is exchanged between credit and finance providers and credit reporting bodies (CRBs). Credit providers (including banks, building societies, utility companies and telecommunications carriers) provide information about individuals’ activities in relation to consumer credit to central databases managed by CRBs. CRBs are then able to include that information on the individual’s credit report. A credit provider can obtain a copy of an individual’s credit report from a CRB to assist them in deciding whether to provide an individual with consumer credit, or to manage credit that has been provided to an individual.
About credit information and ‘notifiable matters’
The law requires us to advise you of ‘notifiable matters’ in relation to how we may use your credit information. You may request to have these notifiable matters (and this policy) provided to you in an alternative form, such as a hard copy.
We exchange your credit information with CRBs. We use the credit information that we exchange with the CRBs to assess your creditworthiness, assess your application for finance and manage your finance. If you fail to meet your payment obligations in relation to any finance that we have provided or arranged, or you have committed a serious credit infringement, we may disclose this information to a CRB.
You have the right to request access to the credit information that we hold about you and make a request for us to correct that credit information if needed. We explain how you can do this below.
Sometimes, your credit information will be used by CRBs for ‘pre-screening’ credit offers on the request of other credit providers. You can contact the CRB at any time to request that your credit information is not used in this way.
You may contact the CRB to advise them that you believe that you may have been a victim of fraud. For 21 days after the CRB receives your notification, the CRB must not use or disclose that credit information. You can contact any of the following CRBs for more information: Dun & Bradstreet (Australia) Pty Ltd (www.dnb.com.au); Experian (www.experian.com.au); and Veda Advantage Ltd (www.veda.com.au).
Your personal information and its protection are of upmost importance to us. Personal information held by us may include your name, date of birth, current and previous addresses, telephone or mobile phone number, email address, bank details, occupation, driver’s licence number, financial details and other information we think is necessary. We may hold details of products and services (including their status) you have such as your home loan, car finance or superannuation provider. We may hold information from CRBs, such as default information, personal insolvency information and repayment history information.
If you choose not to provide certain personal information (e.g. your date of birth), we may not be able to provide you with the products and services you require, or the level of service on which we aim to offer.
You may need to provide personal information about other individuals to us (e.g. about your authorised representatives or joint applicants). If so, we rely on you to inform those individuals that you are providing their personal information to us and to advise them that we can be contacted for further information (see ‘How to contact us’ at the end of this policy).
How we collect personal information
We collect personal information in a number of ways, including:
- directly from you, for example, when you provide information by phone, in application forms or other agreements, or when you submit your personal details through any of our online platforms;
- from joint applicants to your home loan, for example where one applicant has entered information into the app on behalf of all applicants and it is therefore unreasonable or impractical for us to also collect that information directly from you;
- from third parties such as providers of survey, competition or marketing related services, related companies, CRBs or your representatives. If we obtained your information through any of these methods and you would like a list of these entities or websites, or if you feel you have not given us consent to use your details, please contact us below.
- from publicly available sources of information;
- from the organisations and entities identified under ‘When we disclose your personal information’;
- from our own records;
- when you visit any of our online platforms;
- from Facebook and Google so that you can login to uno using your existing login details with them, and for us to provide you with a more personalised experience when you use our website and app; and
- when legally required to do so – for example, in the provision of specific credit services.
How we use your personal information
Your personal information may be used to:
- verify your identity;
- assist you to gain approval or provision of a product or service;
- provide the products and services you require;
- administer and manage (including the on-going management of) those products and services such as matters relating to making payments;
- inform you of ways the products and services provided to you could be improved or additional products or services that you may benefit from;
- market products or services (explained below);
- conduct appropriate checks for credit-worthiness and for fraud;
- research and develop our products or services provided, either directly or referred;
- help us manage our relationship with you, including, for example, dealing with any feedback, disputes or enquiries;
- help us complete internal reports and manage compliance related matters;
- gain an understanding of your information and credit or financial needs (such as by way of sending you a survey to conduct some research) in order for us to provide you with a better service.
We base some things on the information we get from CRBs, such as:
- our summaries of what the CRBs tell us; and
- credit scores. A credit score is a calculation that lets us know how likely a credit applicant will repay credit we may make available to them.
Information that we get from a credit reporting body or information we derive from such information is known as credit eligibility information.
Also, your personal information is collected so that we can promote and market products and services to you (including by way of direct mail, telemarketing, email, SMS and MMS messages). This is to keep you informed of products, services and special offers and this may continue after you cease holding an active product or service through us. If you do not wish for this to take place or continue, please contact us below.
When we disclose your personal information
We will not sell your information to any party outside of uno and any related bodies corporate. In order to deliver the products or services you require, we may disclose your personal information to organisations outside of uno and any related bodies corporate. Your personal information is disclosed to these organisations only in relation to us providing our products and services to you.
We use external organisations to carry out or handle our:
- customer enquiries and relationship management;
- mailing operations;
- billing and debt-recovery functions;
- information technology services;
- marketing and telemarketing
- market research;
- website usage analysis; and
- other business needs from time to time.
This means we disclose your personal information (such as name and address) to them. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
In addition, we may disclose your personal information to:
- anybody who represents you, such as real estate agents involved in the sale or purchase of your property, and your finance brokers, lawyers and accountants;
- your employer, referees or identity verification services;
- any person who proposes to guarantee or has guaranteed repayment of any credit provided by you or any joint borrowers;
- CRBs (see ‘Sharing with CRBs’ below);
- fraud-checking agencies;
- credit providers (for credit related purposes such as credit-worthiness, credit rating, credit provision and financing);
- Australian Banks, non-bank lenders and providers of credit, financial or insurance services;
- our related bodies corporate;
- our professional advisers, including our accountants, auditors and lawyers;
- investors, agents or advisers, or any entity that has an interest in our business;
- other comparison sites, mortgage brokers or providers of investment, financial or credit where it is legal for us to do so;
- government and regulatory authorities and other organisations under which we are governed (such as ASIC and AUSTRAC) and other bodies as required or authorised by law (such as the ATO and in accordance with the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth));
- organisations who manage our business, marketing and corporate strategies;
- associated businesses that may want to market products to you;
- any industry body, tribunal, court or otherwise in connection with any complaint, dispute or litigation regarding your loan;
- from Facebook and Google so that you can login to uno using your existing login details with them, and for us to provide you with a more personalised experience when you use our website and app;
- anyone, if in the public’s interest (such as if a crime is committed and disclosure to a law enforcement body may be justified); or
- anyone, where you have provided us consent.
Some of the above external organisations and entities may be located or operate outside of Australia and in particular we may exchange your personal information with third parties that operate in Germany and USA.
We may verify your identity using information held by a CRB. To do this we may disclose personal information such as your name, date of birth and address to the CRB to obtain an assessment of whether that personal information matches information held by the CRB. The CRB may give us a report on that assessment and to do so may use personal information about you and other individuals in their files. Alternative means of verifying your identity are available on request. If we are unable to verify our identity using information held by a CRB, we will provide you with a notice to this effect and give you the opportunity to contact the CRB to update your information held by them.
Transfer of information overseas
We currently run our business in Australia but this may be expanded to other countries and overseas. We will provide a list of these countries by updating this document.
We may need to share some of your information (including credit information) with organisations outside Australia, including Germany and USA. You should note that while they will often be subject to confidentiality or privacy obligations, they may not always follow the particular requirements of Australian privacy laws. Overseas organisations may be required to disclose information we share with them under a foreign law. In those instances, we will not be responsible for that disclosure.
We may store your information in cloud or other types of networked or electronic storage. You should note that, as electronic or networked storage can be accessed from various countries via an internet connection, it is not always practicable to know in which country your information may be held.
We will not share any of your credit information with a credit reporting body, unless it has a business operation in Australia. We are not likely to share credit information we obtain about you from a credit reporting body or that we derive from that information.
Sensitive information is any information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.
We may seek, collect, use or disclose sensitive information about you but only if that sensitive information relates directly to our ability to arrange or provide credit to you or manage the credit provided to you (including, for example, assessing hardship applications and collecting overdue payments).
Sometimes people share information (including sensitive information) with us we have not sought out. This could be through using our website or, for example, requesting us to assess or assist in a hardship application. If we receive unsolicited personal information (including sensitive information) about you, we will determine whether we would have been permitted to collect that information. If yes, then we will handle this information the same way we do with other information that we seek from you. If no and the information is not contained in a Commonwealth record, then we will destroy or de-identify it as soon as practicable, but only if it is lawful and reasonable to do so. Often, it is not possible for us to neatly unbundle this information then destroy or de-identify only certain sections or parts of it, and we may need to store this information for future use, such as to help resolve disputes between us or assess future applications by you. We have many security safeguards in place to protect the information from interference, misuse, loss, unauthorised access, modification or disclosure.
Sharing with CRBs
We may disclose information about you to a CRB when you are applying for credit, you have obtained credit from us, or if you guarantee or are considering guaranteeing the obligations of another person to us. When we give your information to a CRB, it may be included in reports that the CRB gives other organisations (such as other lenders) to help them assess your credit worthiness.
Some of that information may reflect adversely on your credit worthiness, for example, if you fail to make payments or if you commit a serious credit infringement (like obtaining credit by fraud). That sort of information may affect your ability to get credit from other lenders.
We may use or disclose your personal information to let you know about products and services from us and our agents, business partners and affiliates that might better serve your financial, lifestyle and other needs, or running competitions or promotions and other opportunities in which you may be interested. This includes what some may refer to as ‘cross-selling’, being suggesting a related or complimentary product or service to you.
We may conduct these marketing activities via email, telephone, SMS, iM, mail, or any other electronic means. We may also market our products and services to you through third party channels (such as social networking sites). We will always let you know that you can opt out from receiving marketing offers.
We may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time.
Third party marketing service providers may combine the personal information we disclose to them with information they already hold about you, in order to provide you with more relevant advertising about our or their products and services.
We will not use or disclose sensitive information about you for direct marketing purposes unless you have consented to that kind of use or disclosure.
Where we market to prospective customers, we are happy to let them know how we obtained their information and will provide easy to follow opt-outs.
IP address, cookies and web beacons
Your internet protocol address (or ‘IP address’) is the numerical identifier for your device when you are using the internet. It may be necessary for us to collect your IP address for your interaction with some parts of our website.
A web beacon is typically a transparent graphic image invisible to the user that is placed on a website. The use of a web beacon allows the website to record the simple actions of the user (such as opening the page that contains the beacon) through a tracking pixel.
We may use web beacons (and cookies) for purposes such as site usage analytics, advertising auditing and reporting, as well as content and ‘advertising/marketing personalisation’. We may share any data collected from web beacon (and cookies) with third parties to provide you with relevant advertising when browsing Third Party Websites.
Information from third parties
Our website may contain links to Third Party Websites (e.g. third party providers of goods and services). If you accessed Third Party Websites through our website and if those third parties collect information about you, we may also collect or have access to that information as part of our arrangements with those third parties.
Where you access a Third Party Website from our website, cookie and web beacon information, information about your preferences or other information you have provided about yourself may be shared between us and the third party.
Advertising and tracking
When you access our website after viewing one of our advertisements on a Third Party Website, the advertising company may collect information on how you utilise our website (e.g. which pages you view) and whether you commenced or completed an online application.
When you send a completed online application to us, we retain the information contained in that application. We are able to then use that information to provide any products and services that you require.
You may also be able to suspend and save online applications, so you can complete and send the applications at a later time. If you suspend or save your application, the information that you have entered will be retained in our systems so that you may recover the information when you resume your application. Online applications that have been suspended or saved may be viewed by us. In particular, if you start but do not submit an online application, we can contact you using any of the contact details you have supplied to offer help completing it.
We take all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date.
However, the accuracy of that information depends to a large extent on the information you or others provided to us.
Update and access of personal information
If you wish to make any changes to your personal information, please contact us. We will generally rely on you to assist us in informing us if the information we hold about you is inaccurate or incomplete.
You may request access to the personal information we hold about you by contacting us. We will respond to your request within a reasonable period. We will give access in the manner you have requested if it is reasonable to do so. We may charge you a fee to access the information. The fee will not be excessive and will not apply to the making of the request.
We may deny you access to your personal information in certain circumstances, for example, if required or authorised by or under an Australian law or a court/tribunal order, or it would be likely to prejudice enforcement related activities by an enforcement body. In relation to credit eligibility information, the exceptions may differ.
If we decide not to give you access, we will provide reasons for the refusal and information on how you can complain about the refusal.
Additional things we have to do to correct your credit information
If you ask us to correct credit information, we will help you with this in the following way.
Helping you manage corrections
Whether we made the mistake or some one else made it, we are required to help you ask for the information to be corrected. So we can do this, we might need to talk to others. However, the most efficient way for you to make a correction request is to send it to the organisation that made the mistake.
Where we correct information
If we are able to correct the information, we will let you know within five business days of deciding to do this. We will also let the relevant third parties know as well as any others you tell us about. If there are any instances where we cannot do this, then we’ll let you know in writing.
Where we cannot correct information
If we are unable to correct your information, we will explain why in writing within five business days of making this decision. If you have any concerns, you can access our external dispute resolution scheme or make a complaint to the Office of the Australian Information Commissioner (OAIC).
Time frame for correcting information
If we agree to correct your information, we will do so within 30 days from when you asked us, or a longer period that’s been agreed by you.
If we cannot make corrections within a 30 day time frame or the agreed time frame, we must:
- let you know about the delay, the reasons for it and when we expect to resolve the matter;
- ask you to agree in writing to give us more time; and
- let you know you can complain to our external dispute resolution scheme or the OAIC.
Storage and security of personal information
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the ways we do this are:
- confidentiality requirements of our employees;
- document storage security policies;
- security measures for access to our systems;
- only giving access to personal information to a person who is verified to be able to receive that information;
- control of access to our buildings; and
- electronic security systems, such as firewalls and data encryption on our website.
We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from anywhere via an internet connection, it is not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed here or those we referred to from time.
In addition to the above, we also regularly review developments in security and encryption technologies. However, it is important to remember that the use of email and the internet may not always be secure, even with these safeguards in place.
Business without identifying you
In most circumstances, it will be necessary for us to identify you in order to successfully do business with you. However, where it is lawful and practicable to do so, we will provide you with the option to remain anonymous or to use a pseudonym, for example, when you make general inquiries about our business or current promotional offers.
We do not adopt a government related identifier (such as your tax file number or your driver’s licence number) as a means of identifying you.
How to contact us
You may contact us during AEST business hours by telephone by calling 133 UNO (133 866), via post at Level 1, 10-14 Waterloo Street, Surry Hills NSW 2010, or by email at firstname.lastname@example.org
Complaints and further information
If you have a complaint about how we handle your personal information, we want to hear from you. You are always welcome to contact us.
You can let us know about your complaint or feedback by contacting us at:
The Privacy Officer
Level 1, 10-14 Waterloo Street, Surry Hills NSW 2010
Telephone: 133 UNO (133 866)
By giving us as much information as possible, you will help us resolve things faster. And if you have any supporting documentation, please have it handy when you raise your concern. Most complaints are resolved quickly and you should hear from us within five business days.
If you are dissatisfied with our response, you may make a complaint to the OAIC which can be contacted on either www.oaic.gov.au or 1300 363 992.
You may request further information about the way we manage your personal information by contacting us.
By providing your email address and then clicking submit on any online application, calculator, tool or query, you consent to receiving notices and other documents from us by email to the email address provided, and you understand that if you give this consent:
- we may no longer send you paper copies of notices and other documents;
- you should regularly check your email address for documents, including the spam folder, as an email will be deemed received once it enters your computer system; and
- you may withdraw your consent to receiving documents by email at any time by contacting us.
You also confirm that you have the facilities to print any notice or document that we send you by email, if desired.