Privacy Policy

Octet Finance Pty Ltd (ACN 124 477 916) and Octet Finance (Qld) Pty Ltd (ACN 632 841 564 and NZBN: 9429052164910) (“we”, “us”, “our”) collect and manage personal information as described in this policy. We collect, use, store, manage and disclose information about individuals including clients to whom we may provide or may have provided a facility; guarantors of both individual and company clients and individuals who may provide a guarantee; individuals who may sell goods or services to a client; individuals who are or become customers of a client; and individuals that are associates of entities that do any of those things.

Our privacy assurance to you

Your privacy has always been important to us. We respect your right to be aware of who has information about you, what they are doing with it and why, and who else they are sharing it with. We have adopted a privacy compliance culture that cements this relationship with you. We are committed to complying with, to the extent applicable:

the Privacy Act 1988 (as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012) (Australia).
the Privacy Regulation 2013 (Australia);
the Credit Reporting Privacy Code (Australia);
the Privacy Act 2020 (New Zealand); and
the Credit Reporting Privacy Code 2020 (New Zealand),

together Privacy Law.

This privacy policy is the privacy policy which we must have in accordance with Australian Privacy Principle 1.3 and incorporates our credit reporting policy which we must have in accordance with section 21B(3) of the Privacy Act 1988 (Australia).

Overview

This privacy policy explains how we manage personal information which is not credit information or credit eligibility information. In particular it explains, in relation to that personal information:

the kinds of personal information we collect and hold;
how we collect the personal information;
the purposes for which we collect, hold, use and disclose the personal information;
how an individual may access personal information about the individual that we hold and seek the correction of that information;
how an individual may complain about a breach of applicable Privacy Law and how we may deal with the complaint; and
whether we are likely to disclose the personal information to overseas recipients and the countries where those recipients are likely to be located.

This privacy policy also explains how we manage credit information and credit eligibility information. In particular it explains, in relation to that information:

the kinds of credit information we collect and hold and how we collect and hold that information;
the kinds of credit eligibility information we hold and how we hold that information;
the kinds of CP derived information that we usually derive from credit reporting information disclosed to us by a credit reporting body under applicable Privacy Law;
the purpose for which we collect, hold, use and disclose credit information and credit eligibility information;
how an individual may access credit eligibility information about the individual that we hold;
how an individual may seek the correction of credit information or credit eligibility information about the individual that we hold;
how an individual may complain about our failure to comply with applicable Privacy Law;
how we will deal with the complaint; and
whether we are likely to disclose credit information or credit eligibility information to entities which do not have an Australian or New Zealand link. The kinds of personal information we collect and hold

We collect and hold credit information about individuals who are clients, guarantors, a seller of goods or services to clients, a customer of clients, or associates of any of them. This information includes:

identification information, such as the individual’s name, address and date of birth;
the note we make of the disclosure of credit information we make to a credit reporting body so that we can obtain credit information from the credit reporting body;
the type of commercial credit and the amount of credit sought in an application that has been made by the individual and in connection with which we have made an information request;
court proceedings information about the individual, this is information about a judgment of an Australian court against the individual in proceedings (other than criminal proceedings) that relate to any credit that has been provided to, or applied for by, the individual; and
personal insolvency information about the individual, this is information that is entered or recorded in the National Personal Insolvency Index that relates to bankruptcy of the individual, a debt agreement proposal given by the individual, a personal insolvency agreement executed by the individual, a direction given (or an order made) under section 50 of the Bankruptcy Act 1966 (or for New Zealand purposes, the Insolvency Act 2006) that relates to the property of the individual or an authority signed under section 188 of that Act that relates to the property of the individual.

We obtain credit reporting information about individuals who are clients, guarantors, a seller of goods or services to clients, a customer of clients or associates of any of them from credit reporting bodies. Credit reporting information includes:

the credit information outlined above but which relates to the individual’s dealings with other credit providers;
consumer credit liability information, default information, payment information, new arrangement information and publicly available information concerning consumer credit which the individual has obtained from other credit providers; and
credit worthiness information about the individual that credit reporting bodies derive from the above information. This could include credit scores, risk ratings and other evaluations.

We only obtain credit reporting information from credit reporting bodies to the extent we are entitled to obtain it under applicable Privacy Law. We might, for example, need to obtain the individual’s prior authorisation.

We may disclose credit information (such as identification information) about an individual to a credit reporting body. The credit reporting body may include that information in the reports it provides to other credit providers.

We disclose credit information to the following credit reporting bodies:

Name: Illion Australia Pty Ltd

Website: www.checkyourcredit.com.au

Mail: PO Box 7405 St Kilda Road

Melbourne VIC 3004

Name: Equifax Pty Ltd

Website: www.equifax.com.au

Mail: PO Box 964

North Sydney NSW 2059

Those credit reporting bodies are required to have a policy which explains how they will manage credit- related personal information. If an individual would like to read the policy of the credit reporting body they should visit the credit reporting body’s website and follow the “Privacy” links, or the individual can contact the credit reporting body direct for further information.

Our policy about the management of credit related personal information is contained in this privacy policy but if an individual would like to receive it as a separate document they can request a copy by contacting our Privacy Contact Officer at the address specified below.

An individual has the right to request that the credit reporting body exclude his or her credit reporting information from any permissible direct marketing activities we may ask it to perform.

The individual also has the right to request that the credit reporting body not use or disclose his or her credit reporting information if the individual believes that they has been, or is likely to be, the victim of fraud (for example, the individual suspects someone is using his or her identity details to apply for credit). The individual must contact the credit reporting body direct should this be the case.

The personal information, other than credit information and credit reporting information, we collect and hold varies depending on the person we are dealing with and the reason why we are dealing with them. We collect this general personal information from individuals who are clients, guarantors, sellers of goods or services to clients, customer of clients, prospective employees, contractors, suppliers, brokers, introducers, merchants, agents, professional advisers, mercantile agents, mailing houses, call centre operators, archivers and service providers, or associates of any of them. This information will generally include the individual’s name and contact details, and information about the individual’s arrangements and transactions with us, and the management of accounts with us. In respect of Australian individuals, we will only collect sensitive information about an individual with the individual’s consent or when permissible under applicable Privacy Law.

Under various laws we will be (or may be) authorised or required to collect personal information about an individual. These laws include the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, Personal Property Securities Act 2009, Corporations Act 2001, Autonomous Sanctions Act 2011, Income Tax Assessment Act 1997, Income Tax Assessment Act 1936, Income Tax Regulations 1936, Tax Administration Act 1953, Tax Administration Regulations 1976, A New Tax System (Goods and Services Tax) Act 1999 and the Australian Securities and Investments Commission Act 2001 as those laws are amended and includes any associated regulations and New Zealand equivalent laws.

How we collect personal information

We collect personal information, other than credit eligibility information, about individuals in a variety of ways including in the loan application process and completed loan documents, in contracts with third parties, in person, via a website, via mobile app, on the phone, from other finance organisations that are authorised to provide such information under their own Privacy Policies. We may obtain the information from the individual or from persons acting on the individual’s behalf. When it is possible and practical we will collect the information direct from the individual. When it is not practical or reasonable to do so we will collect the information from a third party. The third party could be an authorised representative (such as a broker, agent, accountant or lawyer), another financial institution, a referee, an employer or a government body, a person that requests a facility from us, a Credit Reporting Body, broker or other introducers, or a public register. When the individual sells goods or services to a client, is a customer of a client or is an associate of a client we may obtain the information from the client.

The main consequence for you if all or some of the personal information is not collected by us is that we may be unable to process your (or the person’s) application; we may decide not to provide a facility or we may decide to restrict or end a facility; we may not be able to complete a transaction in which you are involved, for example as a supplier or prospective employee; or we may not give access to the Octet platform.

The credit eligibility information is obtained from a credit reporting body.

How we hold credit information and credit eligibility information

We take all reasonable steps to ensure that an individual’s personal information which we hold is protected from misuse, interference or loss and from authorised access, modification or disclosure.

We do this by having physical, electronic and procedural safeguards which protect the personal information we hold. For example, the personal information is stored in secure office premises or in secure archiving facilities and logins and passwords are required to access electronic databases. Our staff are required to maintain the confidentiality of personal information and access to personal information is restricted to persons who require access to perform their duties.

We will retain an individual’s personal information for as long as necessary with regard to the purpose for which we collected it, and to comply with our legal obligations.

The purposes for which we collect, hold, use and disclose personal information

We collect, hold, use and disclose credit information and credit eligibility information on individuals for purposes permitted by law which are reasonably necessary for our business activities. Those purposes include:

if the individual is a client, to determine if we should provide a facility which includes the provision of commercial credit to the individual and, if we decide to provide it, to assist in the provision of the facility. This includes the assessment of the application, managing the account, recovering money and dealing with security the individual gives;
if the individual is a guarantor, to determine whether we should accept a guarantee from the individual and, if the guarantee is given, to deal with or enforce our rights under the guarantee and any security which may be given to secure it;
if the individual is a customer of a client, to assess and verify the debt which the client seller to us or in which the client gives us a security interest, to collect the debt and to enforce the debt and any security which may be given to secure payment of the debt;
if the individual sells goods or services to the client, to record the contract entered into between the seller and the client and to disburse amounts we lend to the client by making payment to the Octet financial institution which has entered into a contract with the seller;
if the individual is an associate of the client, to determine if we should provide a facility which includes the provision of commercial credit to the client and to assist in the provision of that facility;
if the individual is an associate of a customer of a client, to assist us to verify the debt owed by the customer and to collect and enforce the debt. For example, we may record the name and office phone number of a person in the customer’s accounts payable department and telephone that person to verify the debt;
if the individual is an associate of a person who sells goods or services, to record the contract entered into between the seller and the client, to confirm that there is a bona fide contract between the seller and the client and to disburse amounts we lend to the client by marking payment to the Octet financial institution which has entered into a contract with the seller;
to assist in the management and enforcement of the facilities we provide, for data analysis and internal management;
to provide information to credit reporting bodies to the extent this is permitted by applicable Privacy Law;
to undertake securitisation activities, raise funds, participate in online payment processing, assign debts and other rights, enter into insurance arrangements (for example insurance policies for amounts owed to us) and provide information to and obtain information from insurers;
to deal with complaints and legal proceedings;
to meet our legal and regulatory requirements; and
to assist other credit providers by giving personal information to them in accordance with an authorisation which the individual has provided to them or

We do not hold any CP derived information.

We collect personal information about individuals which is not credit information or credit eligibility information:

to determine whether we should provide a facility which includes the provision of commercial credit and, if we decide to provide it, to assist in the provision of the facility. This includes the assessment of the application, managing the account, recovering money and dealing with security you give;
to determine whether we should provide a facility which includes the provision of commercial credit to a person with which you are associated (for example as a director or shareholder) and to assist in the provision of the facility. If a guarantee may be given we are collecting the personal information to determine whether we should accept it and, when it is given, we collect the personal information to deal with or enforce our rights under the guarantee and any security which may be given to secure it;
to determine whether we should allow you or a person with which you are associated to use the Octet platform to, amongst other things, communicate with persons who may obtain commercial credit from us;
so that we can manage and administer the facilities which we provide; and
for other purposes required for us to manage our business, such as providing required reports to other finance businesses that we deal with, meeting prudential and other legal and accounting requirements, marketing, internal audit and reporting and business management, bundling up loans, market analysis and strategy, debt collection and assessing prospective employees, business partners and suppliers.

To provide our facilities in the most cost effective and efficient way we may decide to utilise the services of others. For example, we may use a mailing house to send monthly statements, or a data processing firm to manage data we hold including personal information. We also disclose information to our related bodies corporate and other finance businesses as required under the arrangements we have with them, to operate our business. If this requires that we disclose personal information we will require those persons to respect your right of privacy.

Personal information may also be used or disclosed to tell an individual about products or services that may be of interest to that individual. If the individual does not want his or her personal information used for these direct marketing purposes the individual should tell us. They can “opt-out” of direct marketing by sending an e-mail to privacy@octet.com or by writing to us at:

Privacy Contact Officer

Octet Finance Pty Ltd

Level 3, 10-14 Waterloo Street

Surry Hills NSW 2010

How an individual may access personal information

An individual may access personal information (including credit eligibility information) about the individual which we hold. The individual can obtain that access by contacting our privacy contact officer as follows:

Telephone: +61 2 9356 6300

E-mail: privacy@octet.com

Mail: Privacy Contact Officer

Octet Finance Pty Ltd

Level 3, 10-14 Waterloo Street

Surry Hills NSW 2010

We will need to verify the individual’s identity before giving access. We will usually provide the requested personal information within 30 days of receiving the request. There is no charge to make a request, but we may levy an administration fee for providing access.

If there is a reason why we do not make the requested personal information available, we will provide our reason in writing.

How an individual may seek the correction of personal information

If an individual considers that any personal information which we hold about the individual is incorrect in any way the individual may ask us to correct that personal information. To seek the correction please contact our Privacy Contact Officer on the telephone number or at the e-mail or postal address above.

In certain situations, we may decide not to agree to a request to correct personal information. We will tell you in writing why we have not agreed to the correction request.

How an individual may complain and how we will deal with the complaint

We have an internal dispute resolution system that covers complaints. That system complies with ISO 10002-2006 Customer Satisfaction – Guidelines for Complaints Handling in Organisations: sections 4, 5.1, 6.4, 8.1 and 8.2. If an individual considers that we have failed to comply with applicable Privacy Law they should contact our Privacy Contact Officer on the telephone number or at the email or postal address above. We will then follow our internal dispute resolution system. We will acknowledge the complaint within 7 days. A decision will be made and advised within 30 days or a longer period as may be agreed with the individual.

If the individual is not satisfied with the decision they may make a complaint to the Office of the Australian Information Commissioner (the “OAIC”) or the New Zealand Office of the Privacy Commissioner (the “OPC”).

The contact details for the OAIC are:

Telephone: 1300 363 992

Facsimile: (02) 9284 9666

Website: www.oaic.gov.au

Mail: The Office of the Australian Information Commissioner

GPO Box 2999

Canberra ACT 260

The contact details for the OPC are:

Telephone: 0800 803 909

Email: enquiries@privacy.org.nz

Website: www.privacy.org.nz

Mail: PO Box 10 094

Wellington 6143

Disclosure of personal information to overseas recipients

We will only disclose personal information to overseas recipients or to persons that do not have an Australian or New Zealand link when this is necessary for the purpose for which the information was collected or a purpose connected with the purpose for which the information was collected which the individual would reasonably expect us to use or disclose the information. For example, if the seller of goods or services to the client or the Octet financial institution which has an agreement with the seller is located overseas, we may need to send the client’s information overseas so that we can confirm that a bona fide contract has been entered into between the client and the seller or to make a payment to the Octet financial institution. If there is a dispute between the client and the seller, we may need to provide information to a person located overseas to assist in the resolution of that dispute. Whenever we disclose personal information overseas, we will comply with the applicable Privacy Law.

We may use service providers located overseas.

It is not practicable to specify the list of countries other than Australia or New Zealand in which the recipient could be located as this will largely depend on the sellers with whom the client decides to contract.

Notification of data breaches

We recognise the obligation to notify affected individuals, as well as the Australian Information Commissioner (or for New Zealand purposes, the New Zealand Office of the Privacy Commissioner), of “eligible data breaches” (or for New Zealand purposes, “notifiable privacy breaches”) as defined in applicable Privacy Law. We will provide the notification when we are required to do so by applicable Privacy Law.

Definitions

In this privacy policy:

“associate” means a person who is or may become an officer, trustee or employee of the client, the guarantor, a seller of goods or services to the client or a customer of the client:

“client” means a person (such as a company, sole trader or partnership) to whom we have provided a facility including the provision of commercial credit and includes a person who has applied for, or may apply for, a facility of that type;

“guarantor” means a person who has guaranteed, or may guarantee, the obligations which a buyer has or may have to us; and

“we”, “us” and “our” means Octet Finance Pty Ltd (ACN 124 477 916) and Octet Finance (Qld) Pty Ltd (ACN 632 841 564).

Words which are defined in applicable Privacy Law have the same meaning in this privacy policy.

Working Capital Solutions

Trade Finance

Debtor Finance

Supply Chain Accelerate

OctetPay

Industries

Why Octet

Digital wallet

Global network

Cross-border payments

Supply chain management

Security

Rewards