Privacy Policy

  1. Privacy Policy

This Policy outlines how we, Prospa Advance Pty Ltd and Prospa NZ Ltd (as applicable) (collectively, “Prospa”) and their related companies and permitted assigns (“we / us / the Group”), collect, use, and handle your personal information including credit related information in accordance with relevant legislation, including:

  • if you are in Australia, the Privacy Act 1988 (Cth) and the Australia Privacy Principles; and
  • if you are in New Zealand, the Privacy Act 2020,

(each a “Privacy Act”), and the Credit Reporting Privacy Code (as applicable to your jurisdiction) as amended or replaced from time to time (“Privacy Laws”).

Use of the terms “you” or “your” in this policy means both you as an individual and, where you interact with us as a representative of a business, your business. This policy is not limited to current customers or guarantors of customers (where applicable) – it relates to all other individuals who deal with us, whether in relation to the provision of credit or otherwise. By using our services or otherwise dealing with us, you are deemed to agree to our Privacy Policy.

If you provide any personal information to us about another person, you confirm that you have the authority of that person to share their information with us and to permit us to collect, use and handle their information in accordance with this Privacy Policy.  You must inform them of their rights to access and request correction of their information set out below, and how they can get access to Prospa’s Privacy Policy.

  1. What information we collect

We may collect your personal information from you, your agent or any other party that you authorise to disclose information to us and others such as our service providers, marketing companies, our agents, your financial service provider, advisers, brokers, employers, government agencies, public records or social media.

We collect information about you and your interactions with us, for example, when you enquire, apply for, request or use our products or services, make a card payment or transfer money, participate in a competition, promotion or survey, phone us or visit any of our websites. We also collect information about staff, prospective staff, contractors and suppliers, as well as the contact details of individuals who work for contractors and suppliers, and other types of professional associates.

It is not mandatory for you to provide us with the personal information that we request – however if you do not do so it may affect the products and services that we can provide to you or our ability to interact with you.

The types of information we may collect includes:

  • Key personal information such as your name, residential and business addresses, telephone numbers, email and other electronic addresses, identity documents, biometric information including a photo of your face;
  • Financial and related information, such as your occupation, financial records, bank account information and transaction history, assets, expenses, income, revenue, dependents, and regarding your employment, financial and business dealings and other relevant events;
  • Your transaction history (with us and our associates or relevant third-parties), which may include information about products you have used with us in the past, your payment history, and the capacity in which you have dealt or deal with us; and
  • Other relevant information, which, depending on the circumstances, may also include invoicing information, accounting information, your gender, your marital status, tax file number information, director identification number and other government identifiers.

Sensitive information

We may inadvertently collect sensitive information such as your health information whilst assisting you with a hardship application, debt recovery or a complaint. Sensitive information is used only for the purpose for which it was collected.

Bank statement information

If you agree to use bank statements and third-party account aggregation service providers in connection with our assessment of your application and loan management, you permit such third-party services to access your banking transaction data linked to the online banking credentials you provide. The third-party service provider may access transactional data from any account that is associated with the login credentials that you submit. This may include personal accounts as well as business accounts.

Through the use of such third-party service providers, we will obtain up to the last twelve (12) months of bank transactions when you apply for a product or service with us. We may also obtain further ongoing bank transactions during the term of the product or service we provide. This information is used for the purposes of assessing your application, administering our products and services, making future offers to you, meeting our audit, legal and regulatory obligations, and data analytics.

Your provision of banking login credentials to utilise such third-party service providers does not provide us with your login credentials or passwords or the ability to access your internet banking (other than as stated above). We note that your bank’s terms may prohibit you from sharing your login, so you agree to appoint our third-party service provider as your agent to access your internet banking on your behalf solely for this purpose, and you consent to our ongoing access to this information.

Should you agree to the use of such a third-party service provider, you will be subject to their terms and conditions and privacy policy which will govern any act or omission of that third-party service provider in connection with your use of that service.

Cookies

When you use our website or mobile applications, we may collect information about your location or activity including your IP address, telephone number and whether you’ve accessed third-party sites. Some of this website information we collect using cookies. We also use cookies to improve your user experience when using our website and to learn how you interact with our content.

  1. Using your information

We use your information to:

  • Establish your identity and consider your applications for products and services;
  • Price and design our products and services current, and future;
  • Administer products and services offered or managed by us, including for purposes such as assessing whether to make any future offer to you, loan management including debt collection, communicating with you, complaint management, facilitating payments, generally carrying out our business functions and activities such as staff training, system monitoring, system development, credit scoring and audits;
  • Establish and manage our relationship with you, including fulfilling our obligations and exercising our rights under any agreement with you;
  • Conduct and improve our businesses and improve our customers’ experience;
  • Direct marketing, including by email or other electronic means;
  • Manage our risks and help identify and investigate illegal activity, such as fraud;
  • Assess applications for employment and complete background checks for prospective staff, contractors or suppliers;
  • Comply with our legal & regulatory obligations (including obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (NZ)) and assist government and law enforcement agencies or regulators; and
  • For identification and provision of products or services offered by us, any of our Group members or any third-parties that may reasonably be of interest to you (refer to section 3.1 below).

We may also collect, use and share your information in other ways where you have authorised us to do so or where permitted by law.

Data insights
Improvements in technology enable organisations to collect and use information to get a more integrated view of customers and provide better products and services. We may combine our customer information with information available from a wide variety of external sources (for example census or Bureau of Statistics data). We are able to analyse the data in order to gain useful insights which can be used for any of the purposes mentioned in this policy. In addition, Group members may provide data insights or related reports to others, for example, to help them understand their customers better. These insights and reports are based on aggregated information and do not contain any information that identifies you.

  1. Sharing your information

We may share your information with Group members and third-parties where this is permitted or required by law, or for any of the purposes mentioned in section 3.

Third-parties include but are not limited to:

  • Your co-applicant(s) (if any) and Guarantors or any person providing security for any service or product we provide;
  • Entities that provide services to us and other service providers including funders, investors, rating agencies, auditors, advisors, identity verification providers, direct marketing providers, mailing house, call centre operators, information technology and software providers, debt recovery agents, law firms, market research / data providers, loyalty program redemption partners, dispute resolution services, and other entities that provide products and services to us;
  • Brokers, agents and advisers and other persons acting on your behalf, for example guardians or persons holding power of attorney;
  • References that you provide to us, for example landlord details or trade references;
  • Other financial institutions such as banks and credit providers or their authorised representatives or partners, or another third-party organisation or partner, including where such entities provide products and/or services that may reasonably be of interest to you;
  • Employers or former employers;
  • Recruitment agencies and partners that assist with recruitment and background checks;
  • Government and law enforcement agencies or regulators;
  • Credit reporting bodies;
  • Third-parties that provide identity verification services using government records such as name, address, date of birth, unique identifiers and identity document details;
  • Entities established to help identify illegal activities and prevent fraud;
  • Third-parties on a strictly confidential basis in the event we offer to sell our business or assets; and
  • Any other parties that you authorise or that we are required or permitted by law to share information with.

Information sharing with an introducer
If you were introduced or applied to us through a partner, broker or other agent, we will provide them with information about each application you make with us and each product or service which we provide to you. Your account will be linked to that agent, and we will continue to provide them your information for each application or request you make with us whether that application or request is made through that agent or direct with us. If you do not wish us to provide your information to the agent, you must advise us by contacting us using the details set out in section 8.

Overseas disclosure

We use customer service teams located within Australia, New Zealand and the Philippines.  We may send your information overseas, including to overseas Group members and to service providers or other third-parties who operate or hold data outside Australia and New Zealand. Where we do this, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place.

Where we send your information overseas, it is likely to be to Canada, Hong Kong, India, the Philippines, Singapore, South Africa, Vietnam, United Kingdom and/or United States of America.

  1. Credit reporting policy

If you apply to us for credit or propose to be a guarantor, we need to know if you’re able to meet repayments under your agreement with us. We also want to avoid giving you further credit if this would put you in financial difficulty. One of our checks involves obtaining a credit report about you.

5.1 Credit reports
A credit report contains information about your credit history that helps credit providers assess your credit applications, verify your identity and manage accounts you hold with them. Credit reporting bodies collect and share this information with credit providers like us and other service providers such as phone companies.

Credit reports include information about the types of credit accounts you have had or enquired about, your credit limits, payment history and certain other information such as bankruptcies and court proceedings. We also ask the credit reporting body to provide us with an overall assessment score of your creditworthiness and other comprehensive credit information as necessary.

The Privacy Act and Credit Reporting Privacy Code limit the information that credit providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.

We may use one or more of the following credit reporting bodies:

 

 

Name Contact details – Australia Contact details – New Zealand
Equifax
www.equifax.com.au
13 8332
www.equifax.co.nz
[email protected]
0800 692 733
Illion www.illion.com.au
1300 734 [email protected]		 www.illion.co.nz
0800 733 [email protected]
Creditorwatch www.creditorwatch.com.au
GPO Box 276
Sydney, NSW 2001
1300 50 13 [email protected]
Centrix
www.centrix.co.nz
PO Box 62512
Greenlane, Auckland 1546
0800 236 874

 

5.2 Information shared with credit reporting bodies

If you are in Australia, the information we can share with credit reporting bodies includes:

  • your identification details;
  • the type of credit products you have or enquired about;
  • how much you’ve borrowed or enquired about;
  • how many accounts you’ve had or currently have;
  • whether or not you’ve met your scheduled repayment obligations; and
  • if you have committed a serious credit infringement (such as fraud).

If you are in New Zealand, we may share credit information with credit reporters and we also ask the credit reporters to provide us with an overall assessment score of your creditworthiness.

The credit reporting bodies we use will hold your personal information on their terms and treat your information in accordance with their own privacy policies.

5.3 Use of credit-related information
We use information from credit reporting bodies to confirm your identity, assess applications for commercial credit, provide quotes, manage our relationship with you, protect our legitimate interests and collect overdue payments. We also use this information as part of arriving at our own internal assessment of your creditworthiness.

We store credit-related information with your other information. We may combine this information with other insights such as risk ratings and credit scores as set out in section 3 above.

We may disclose credit-related information within the Group and to debt collection agents, your guarantors, our external dispute resolution scheme, government and law enforcement agencies or regulators or any other parties that you authorise or that we are required or permitted by law to share information with.

You can access credit-related information we hold about you, request us to correct the information and make a complaint to us about your credit-related information as set out in section 8 of this policy.

5.4 Other rights you have
Credit providers may ask credit-reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you’re likely to become, a victim of fraud (including identity fraud), you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.

  1. Keeping your information secure

We store your hard-copy or electronic records on our premises and systems or offsite using trusted third-parties. We use reasonable endeavours to keep your personal information secure, however, this security cannot be guaranteed.  Our security safeguards include staff education, data handling and security arrangements when sending information overseas or to third-parties; encryption and other security protocols.

You must keep your log-in details private and confidential. Your log-in details are your responsibility and you should not share those details with anyone else.

  1. Accessing, updating and correcting your information

7.1 Access to information
You can ask for access to your basic information (for example what transactions you’ve made) by accessing Prospa Online or Prospa App or calling us. To obtain a copy of current credit-related information we hold about you, you can call or email us using the details in section 9.

7.2 Information access fee
There is no fee for making the initial request. However, in some cases, where permitted by law, there may be an access charge to cover the time we spend locating, compiling and explaining the information you ask for. If there is an access charge, we’ll give you an estimate up front and confirm that you’d like us to proceed. Generally, the access charge is based on an hourly rate plus any photocopying or reproduction costs or other out-of-pocket expenses. You’ll need to make the payment before we start unless you’ve authorised us to debit your account.

In certain circumstances we’re allowed to deny your request or limit the access we provide. For example, we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll write to you explaining our decision.

7.3 Correction requests

It’s important that we have your correct details, such as your current address and telephone number. You can check or update your information by going online, emailing or phoning us.

You can ask us to correct any inaccurate information we hold or have provided to others (including credit-related information) by contacting us. If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction. If your request relates to credit-related information provided by others, we may need to consult with credit reporting bodies or other credit providers.

If we’re able to correct your information, we’ll inform you when the process is complete. We don’t charge a fee for these requests.

If we disagree with you that information should be corrected, we’ll let you know in writing our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.

We try to respond to access or correct requests within twenty (20) business days; and process these requests within thirty (30) business days.  If we can’t complete the request within thirty (30) business days, we’ll let you know the reason for the delay within twenty (20) business days and try to agree a timeframe with you to extend the period.

  1. Contacting us or making a complaint

For privacy related queries including access and correction requests, complaints, to request a printed version of this policy or if you no longer want to receive direct marketing, please contact us on details below.

We’ll review your situation and try to resolve it straight away. However, if we’re unable to provide a final response within thirty (30) days we’ll contact you to explain why and discuss a timeframe to resolve the complaint.

Australia New Zealand
Phone 1300 882 867 or email [email protected].

Our customer service representatives are available Monday to Friday. See hours of operation.

See our feedback page for more information.

 Phone 0800 005 797 or email [email protected]

Our customer service representatives are available Monday to Friday. See hours of operation.

See our feedback page for more information.

 

8.2 External review of privacy complaints
If you’re not satisfied with our handling of your matter, you can refer your complaint to external dispute resolution scheme or Government body noted below. We suggest you do this only once you’ve first followed our internal complaint processes set out above.

 

Australia New Zealand
Prospa is a member of Australia Financial Complaints Authority (AFCA).  AFCA can be contacted by calling them on 1800 931 678 or online www.afca.org.au.
Prospa is a member of the Financial Services Complaints Ltd (FSCL).  FSCL can be contacted by calling them on 0800 347 257 or online at www.fscl.org.nz.
The Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.gov.au or writing to the Office of the Australian Information Commissioner (OAIC), GPO Box 5218 Sydney NSW 2001. The Office of the Privacy Commissioner by sending them a complaint using the online complaint form, or by writing to the Office of the New Zealand Privacy Commissioner, PO Box 10094, Wellington 6143, New Zealand.
  1. Amendments to this Privacy Policy

We may change this Privacy Policy at any time by changing or removing existing terms, adding new terms or publishing a new Privacy Policy in replacement of the previous version. We will tell you about any changes by posting an updated Privacy Policy on our website: www.prospa.com.au and www.prospa.co.nz. Any change we make apply from the date posted on the website. By continuing to use our products or services you will be deemed to agree to our updated Privacy Policy.

Last updated – August 2024