Privacy Policy
Introduction
‘We’, ‘us’ and ‘our’ refer to Ezfunds Holding Pty Ltd (ABN 32 662 894 297, Australian Credit License Number 554010) trading as Hai Money (“Hai Money”).
This privacy policy (Policy) applies to Hai Money and all our Credit Representatives (Representatives) and their staff. The privacy of your personal information is important to us. We are committed to respecting your right to privacy and protecting your personal information. We are bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Privacy Act). Our staff and Representatives are trained to respect your privacy in accordance with our standards, policies and procedures.
About this Privacy Policy
This Policy outlines how we manage your personal information. It also describes generally the sorts of personal information held and for what purposes, and how that information is collected, held, used and disclosed. Our Policy applies to all your dealings with us, our website and our Representatives. We encourage you to check our website regularly for any updates to our Policy.
We receive services to support the broking services we give you. We receive mortgage aggregation services from Finsure Finance and Insurance Pty Ltd (ABN 72 068 153 926, Australian Credit Licence Number 384704). Sometimes they collect personal information about customers to manage customer enquiries or complaints, commission payments or file reviews. If you want to find out how they manage your personal information, please click on the link below:
https://finsure.com.au/privacy-policy/
If you have any questions about this, please do not hesitate to contact us.
Why we collect personal information
We will collect and hold your personal information for the purposes of:
- assessing your application for finance and managing that finance;
- letting you know about our other products and services;
- direct marketing;
- managing our relationship with you;
- when you apply to join our network; and
- to comply with any associated legal or regulatory obligations imposed by regulators including those under anti-money laundering and counter-terrorism financing laws or laws relating to comprehensive consumer credit reporting.
Information we collect from you
We collect information about you and your interactions with us. The type of personal information we may ask you to provide to us includes but is not limited to:
- personal and contact details such as your name, phone number, residential or postal address, email address and date of birth;
- documentary evidence to verify your identity such as a certified copy of your driver’s licence, passport, birth certificate, citizenship and marriage certificates;
- Australian Governance related identifiers and identity documents such as your Tax File Number and country of tax residency;
- financial details such as details of your employment, income, assets, financial liabilities;
- information we need to provide our services to you such as your bank account details; and
- credit information such as a credit check. See ‘Credit Information‘ below for more information.
If you are applying for finance we may also collect the ages and number of your dependents and cohabitants, the length of time at your current address, your employment details and proof of earnings and expenses.
We do not collect sensitive information (your political or religious beliefs, ethnic background etc.).
Information we collect from others
We may collect information about you in addition to what you voluntarily provide to us in order to comply with relevant laws and regulations.
If you apply for credit, we may obtain a credit report from a credit reporting body. We may also collect information about you that has been made available by third parties who are permitted to provide your data.
How your personal information is collected
The personal information we collect about you comes primarily from you. We may also collect information about you in addition to what you voluntarily provide to us from you or other sources such as from finance brokers and other third parties such as accountants and lawyers.
Wherever there is a legal requirement for us to ask for information about you, we will inform you of the obligation and the consequences of not giving us the requested information. For example, in addition to obtaining personal information from you when you acquire a new product or service from us, we will need to obtain certain documentary evidence from you as to your identity. Such evidence may include items such as a certified copy of your driver’s licence, passport or birth certificate. We may also collect your personal information by using electronic verification services or searching publicly available sources of information such as public registers.
We will not collect any personal information about you except where you have knowingly provided that information to us or where we believe that you have authorised a third party to provide that information to us. Any information collected from publicly available sources will be protected in the same way as the information you voluntarily disclose.
If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us, that the other person has consented to you providing us with the information, and that we can collect, use and disclose that information as set out in this Policy without having to take any further steps required under law (such as obtaining consent directly from that person). This means that if you provide us with personal information about someone else, you must make sure that the individual concerned understands the matters set out in this Policy and has provided their consent to be bound by this Policy.
Credit Information
Credit information is information which is used to assess your eligibility to be provided with finance and may include any finance that you have outstanding, your repayment history in respect of those loans, and any defaults. This information is also relevant if you are joining our network.
Sensitive information
We will only collect sensitive information about you with your consent. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health.
We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising and dealing with you
Unsolicited personal information.
We don’t usually collect unsolicited personal information. Where we receive unsolicited personal information, we’ll determine whether or not it would have been permissible to collect that personal information if it had been solicited. If we determine that collection would not have been permissible, to the extent permitted by law, we’ll destroy or de-identify that personal information as soon as practicable.
Dealing with us anonymously
In general, you can visit our website without telling us who you are or revealing any personal information about yourself. Our web servers collect the domain names, not the email addresses, of visitors. However, if a request is made to be dealt with anonymously yet we are required or authorised by law to deal with identified individuals, we will notify you of this.
How do we use and disclose your personal information?
We only use and hold your personal information:
- for the purpose of assessing your application for finance and managing that finance;
- for the purpose of providing you with the financial product you have sought from us;
- if you are applying to join our network;
- for employment with us, to assess, process and manage your application for employment;
- to handle any complaints that you may have;
- any other purpose permitted under the Privacy Act;
- any other purpose you have consented to; and
- any other permitted purpose set out in this Policy such as direct marketing.
The types of external organisations which we often disclose your personal information include:
- any prospective funders or other intermediaries in relation to your finance requirements;
- other organisations that are involved in managing or administering your finance such as third-party suppliers, printing and postal services, call centres;
- associated businesses that may want to market products to you;
- companies that provide information and infrastructure systems to us;
- anybody who represents you, such as finance brokers, lawyers and accountants;
- anyone, where you have provided us consent;
- where we are required to do so by law, such as under the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth);
- investors, agents or advisers, or any entity that has an interest in our business;
- your employer, referees or identity verification services; and
- overseas entities that provide support functions to us.
You consent to us disclosing your information to such entities (and allowing such entities to use your personal information to provide their services) without obtaining your consent on a case-by-case basis.
We may also disclose your personal information where it is:
- necessary to provide our products or services to you or undertake operations relating to these products and services (such as to our employees, business partners, suppliers and service providers, professional advisers);
- to carry out promotions or other activities you have requested or for direct marketing purposes (unless you have opted-out of direct marketing communications);
- required by law (such as to the Australian Securities and Investments Commission or AUSTRAC);
- authorised by law (such as where we are obliged to disclose information in the public interest or to protect our interests);
- required to assist in law enforcement (such as to a police force);
- any successors in title to our business (including new business partners or owners; and
- with your consent (express or implied), other entities.
The above entities may in turn disclose your personal information to other entities as described in their respective privacy policies or notices.
Direct marketing
From time to time, we may also use your personal information to tell you about products and services they think may be of interest and value to you, changes to their organisation, or new products or services being offered by them or any company with whom they are associated, but they will stop if you tell them to.
They may contact you by various means, including by mail, telephone, email, SMS or other electronic means such as through social media or targeted advertising through their website or online services.
If you do not want to receive direct marketing from us, you can opt-out by writing to them at [email protected]. If the direct marketing is by email, you may also use the unsubscribe function. They will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.
Keeping your personal information accurate and up-to-date
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. We will take reasonable steps to make sure this is the case. This way we can provide you with better service. If you believe your personal information is not accurate, complete or up to date, please contact us. If we refuse to correct your personal information we will provide you with our reasons within 30 days.
Protecting your personal information
We will take reasonable steps to protect your personal information from misuse, interference, loss and unauthorised access, modification or disclosure. Personal information is stored in electronic form.
We have implemented policies, procedures and systems to keep your personal information secure. In addition, we limit access to the personal information we hold to employees with a legitimate need to use it consistent with the purpose for which the information was collected, for any other matters related to that purpose that you would reasonably expect and other permitted purposes set out in this Policy such as direct marketing.
When your personal information is no longer required, we will take reasonable steps to destroy, delete or de-identify your personal information in a secure manner. However, we may sometimes be required by law to retain certain information, for example, under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
We may use cloud storage to store personal information we hold about you. The cloud storage and the IT servers may be located outside Australia.
Your privacy on the Internet
Our Website
We take care to ensure that the personal information you give us on our website is protected. For example, our website has electronic security systems in place including the use of firewalls. User identifiers, passwords or other access codes may also be used to control access to your personal information.
Social Media
We compile and categorise a list of our followers on social media platforms. We also receive aggregate, non-personalised statistics on our coverage in social media.
Links to Other Sites
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
Cookies
We may use cookies on our website. Cookies are small data files that are downloaded from our website and stored on your computer when you visit our website. Cookies are used to allow us to see which pages and what information is of most interest to visitors to our website, which in turn enables us to improve our offerings to our customers. Your computer’s web browser will allow you to configure your computer to refuse to accept cookies. You can also delete cookies from your computer’s hard drive at any time.
Cross-border disclosure
Depending on the type of service or product we provide to you, your personal information may be disclosed to our associated entities, contractors and unaffiliated service providers located in other overseas jurisdictions such as the Philippines. The overseas jurisdictions that your personal information is subject to cross border disclosure may change from time to time.
Where we discloses your personal information to an overseas recipient, we will take reasonable steps to ensure the overseas recipients are carefully chosen and comply with this Policy.
Overseas recipients may not be subject to privacy obligations equivalent to those under the Privacy Act and could be compelled by foreign law to make disclosure of the information.
Access to and correction of your personal information
You have the right to request access to your personal information and request its correction.
You can seek access to your information or request a correction by contacting us on the details provided at the end of this Policy.
We will give you access to your personal information within a reasonable time period in a manner requested by you. We may charge a reasonable fee to cover our costs. We may decline the access in exceptional circumstances that are permitted under the Privacy Act. If this is the case we will inform you and explain the reasons why.We will respond to your request to access or correct your personal information we hold within 30 calendar days after the request is made if it is reasonable and practicable to do so. In some circumstances, it may take longer (for example, if we need to contact other entities to properly investigate your request). We may refuse to correct your personal information we hold about you if we do not agree with the corrections you have supplied. When we refuse your request, we will give you a written notice to that effect and an information statement if requested.
We do not usually charge you for access to your personal information. However, if the request is complex, we may charge you the marginal cost of providing the access, such as staff costs of locating and collating information or copying costs. If charges are applicable in providing access to you, we will disclose these charges to you prior to providing you with the information.
Lodging a Question or Complaint
If you have a question or a complaint about how we have handled your personal information, please contact us using the contact details provided at the end of this Policy.
The Privacy Officer will acknowledge the receipt of your complaint as promptly as possible after we receive your complaint. We will endeavor to investigate and resolve your complaint within 30 calendar days. If you are unsatisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner.
Notifying you of certain data breaches
A data breach occurs when personal information held by us is lost or subjected to unauthorised access or disclosure. If we suspect or know of a data breach, we will take immediate steps to limit any further access or distribution of the affected personal information or the possible compromise of other information.
When we have reasonable grounds to believe that a data breach is likely to result in serious harm – for example identity theft, significant financial loss or threats to physical safety we will notify individuals at likely risk as soon as practicable and make recommendations about the steps they should take in response to the data breach. We will also notify the Office of the Australian Information Commissioner.
Notifications will be made using our usual method of communicating with you such as by a telephone call, email, SMS, physical mail, social media post, or in-person conversation. If we are unable to contact you, (or your nominated intermediary) by any of the above methods we will publish a statement on the front page of our website and place a public notice on our reception desk.
Changes to this Policy
We may review and amend this Policy from time to time to address changes to laws and to reflect our current operations and practices. You may obtain a copy of the current version on request
Resolving your privacy concerns
If you have any issues you wish to raise with us or would like to discuss any issues about our Policy, please contact our Privacy Officer. Our Privacy Officer will investigate the issue and determine the steps we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing within 30 calendar days of the determination of our Privacy Officer.
Contacting Us
Privacy Officer Hai Money
Tower 1, Suite 6.04, 495 Victoria Ave, Chatswood NSW 2067
Phone: 1300 424 666
Email: [email protected]
If you are not satisfied with the outcome of your complaint, you are entitled to contact the following entities:
Office of the Australian Information Commissioner
Phone: 1300 363 992
Email: [email protected]
Mail: Office of the Australian Information Commissioner (GPO Box 5218 SYDNEY NSW 2001)
You can learn more about the Privacy Act and your rights at www.privacy.gov.au
(For other concerns, compliments or complaints visit Compliments and Concerns)
Last updated: June 2024