This policy sets out how National Credit Insurance (Brokers) Pty Ltd (NCI) ABN 68 008 090 702 and any registered business names thereof will manage personal information that we deal with in providing services to our clients.
NCI are bound by the Privacy Act 1988 (as amended by the Privacy Amendment (Enhancing Privacy Protection Act 2012 and the Notifiable Data Breaches Act 2017)) (the Act) and must comply with obligations outlined in the Act. This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.oaic.gov.au.
Personal information refers to any information or opinion, whether true or not, about that individual that can reasonably allow the individual to be identified.
How we collect and use personal information
We collect personal information where:
Why we collect, use and disclose personal information
You may choose to interact with us using a pseudonym and /or not identify yourself.
In circumstances where required for us to operate our business we will ask for your identification.
It is likely it will be impractical for us to interact with you without some form of identification. For example we will not be able to open a trade credit insurance account or debt collection recovery account without obtaining identification details.
Personal information collected
The type of personal data we may collect from you includes:
We will make reasonable effort to ensure the personal data collected is accurate and complete.
We may disclose your personal data for:
Further we may use and disclose personal information where any of the following occurs:
Disclosure to Credit Reporting Bodies (CRB’s)
We may disclose your personal information to a CRB in accordance with the permitted disclosures as defined in the Act to the following CRB’s:
Equifax Australia Information Services and Solutions Pty Ltd
GPO Box 964, North Sydney, NSW, 2059
Ph: 13 83 32
PO Box 7405 St Kilda Rd, Melbourne, VIC, 3004
Ph: 13 23 33
A copy of the CRB’s credit reporting policy will be available from their website listed above. We can provide a hard copy on request.
Your obligations when we provide you with personal information
If we give you, or provide you access to, the personal information of any individual, you must only use it:
Use of personal information for direct marketing
Some of the personal data we collect may be used to send marketing material to prospective and existing clients.
You can choose to opt-out with respect to direct marketing. If you choose to opt out of direct marketing correspondence we will record this on our opt-out register.
You may opt-out of direct marketing at any time by emailing us at:
Or you may click ‘unsubscribe’ at the bottom of any electronic marketing materials you receive from us.
We may transfer personal data held about you outside Australia if permitted by law to countries including but not limited to New Zealand, Asia and United Kingdom.
We may use cloud computing solutions or data storage located overseas in which case information may be stored, under our control, on computer servers located outside Australia (predominantly located in the United States of America).
How personal information is secured
Your information may be held in an electronic or non-electronic form. We will take steps to ensure the data is secured and protected from unauthorised access, modification, disclosure or misuse by:
You are entitled to access personal information we hold about you. Should we hold personal information that is inaccurate, out of date, incomplete, irrelevant, misleading or incorrect you have the right to make us aware of this fact and request that it be corrected. There are exemptions under the Act which may apply to personal information access and correction requests.
We are unable to provide you with access that is unlawful.
We require that you provide identification to verify the correct person is requesting the information or the change to the information. We will not charge you for making a request, however if reasonable we may charge you with the costs associated with complying with an information request.
We will respond to your request as soon as practicable, normally within 30 days in the manner you requested.
Requests for access to and/or correction of personal data held by us, should be made in writing addressed to:
The Privacy Officer
National Credit Insurance (Brokers) Pty Ltd
Level 2, 165 Grenfell Street, Adelaide, South Australia, 5000
Ph: 08 8228 4800
If we refuse access or correction to the information, written notice will be provided to you setting out:
Where your request is granted we will notify any relevant third parties we have disclosed the information to of the correction, where necessary and required.
Your consent and rights
If you have a complaint or require further information about how NCI manage your personal data, please contact NCI’s Privacy Officer on the contact details above. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information.
We will provide you with a receipt of acknowledgement as soon as practicable, normally within 30 days in the manner you requested.
In dealing with your complaint we may need to consult another credit provider or third party.
If we fail to deal with your complaint in a manner you feel is appropriate you may choose to make a complaint to the Information Commissioner below or by completing a Privacy Complaint Form available from their website:
Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Telephone: 1300 363 992
Facsimile: 02 9284 9666
Notification of serious harm
The National Data Breaches (NDB) Scheme commences 22nd Feb 2018 and applies to eligible data breaches that occur on or after that date.
A data breach occurs when personal information held by us is lost or subjected to unauthorised access or disclosure. A data breach is eligible if it is likely to result in serious harm to any of the individuals to whom the information relates.
If we suspect an eligible data breach may have occurred we will undertake a reasonable and expeditious assessment to determine if the data breach is likely to result in serious harm.
The assessment will be completed within 30 calendar days after the day we became aware of the grounds (or information) that caused us to suspect an eligible data breach.
If the assessment finds the data breach is likely to result in serious harm and we have not been able to prevent the likely risk of serious harm with remedial action, we will:
The ultimate protection against bad debts, where you have your debtors insured against the risk of insolvency, protracted default or political events.
Extends from full credit approval to monitoring, reporting services and tailored outsourced credit management. CRM is there to assist you in...
Our specialised committed and commercially orientated collection team is there to collect your outstanding monies, with the skills to preserve...