In this Policy, 'we', 'us' and 'our' means Rivalea (Australia) Pty Ltd (ACN 004 892 835) and its trading entities and related companies. We are committed to respecting your privacy. This Policy sets out:
1 Types of personal information that we collect from or about you
2 Why do we collect your personal information?
3 Who do we disclose your personal information to?
4 We disclose personal information outside Australia
5 We use your personal information for direct marketing
6 Using our website and cookies
8 Notifiable Data Breach Scheme
10 How do we manage your credit-related personal information?
11 How can you access or correct your personal information?
13 Contact Us
By providing your personal information to us, you consent to the collection, holding, use, and disclosure of that personal information in accordance with this Policy and any other agreements that you have with us. We may change this Policy from time to time by publishing it on our website and anywhere else we consider appropriate.
We may disclose to other entities your personal information for the purposes described in this Policy, including to:
We will take reasonable steps to make sure that the persons and organisations that we disclose personal information to are bound to protect the privacy of that personal information.
We may also disclose your personal information to a trusted third party who may combine it with other information they hold about you, to enable it and us to develop anonymised consumer insights. We do this to better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.
We collect personal information about individuals who are, or are employed by, our customers, suppliers, consultants, service providers, contractors, related companies and agents. The types of personal information that we will collect from you differs depending on how you are dealing with us, but we usually collect at least:
- your name, age, date of birth, address, email address and other contact details;
- all information in your credit application and your credit card information;
- the details about the products and services that we have provided to you or that you have enquired about;
- all information that you provide through customer surveys; and
- all other information that may be required for us to be able to effectively do business with you.
We may collect this information from you, or from third parties, such as when you register on our website, communicate with us, interact with our website, services, content and advertising or apply for a job with us. When you apply for a job with us, we may also collect information about your work history and information in relevant criminal and other history checks, information from a recruitment consultant, information from your previous employers and anyone else who may be able to assist us to decide whether to employ you or enter into a contract with you. If you choose to remain anonymous in your dealings with us, or not to provide your personal information, then we may not be able to do business with you.
We will usually tell you why we are collecting your personal information and how we plan to use it, around the time when you provide it to us. We collect your personal information to allow us to do business with you and to:
- allow you to use our services and website;
- operate, protect, and improve our website, business and your experience with us;
- send you marketing messages and other information that we think you may find interesting. This will either come from us or our business partners;
- provide rewards, surveys, contests, promotions or events, either sponsored or managed by us or our business partners; and
- comply with our legal obligations, resolve disputes with users, and enforce our agreements with third parties.
- our employees and employees of our related companies;
- third party suppliers and service providers (e.g. our website operators);
- professional advisers, dealers and agents;
- payment systems operators (e.g. merchants receiving card payments);
- sponsors or promoters of any of our competitions;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- other members of the Rivalea Group;
- specific third parties authorised by you to receive information held by us;
- other persons, including government agencies and regulatory bodies, or as required, authorised or permitted by law; and/or
- other entities that you have otherwise consented.
You consent to your personal information being disclosed outside of Australia to our parent company (located in Singapore), for data storage and to our other service providers (located in Singapore, the USA and New Zealand). We cannot guarantee, although we will take reasonable steps to ensure, that overseas recipients handle that personal information in compliance with this Policy and Australian laws.
You may opt-out of receiving direct marketing materials from us by contacting us, or by using the opt-out facilities provided (e.g. through an unsubscribe link).
We do not use browsing information to identify you personally. However, we may aggregate your personal information with that of other users of our website, such as the pages you visit, the time and date you visited and your IP address, for internal traffic monitoring and to improve the services and content of our website.
We may also use 'cookies' on our website to help us track your website usage and remember your preferences. You can disable cookies through your internet browser, but our websites may not work as intended for you if you do so.
We hold your information in hard copy or electronic format, and keep it in storage facilities that we own and operate ourselves, or that are owned and operated by our service providers. s
We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, we hold personal information on our main server and access is password protected, and we also use methods of data encryption. However, we cannot guarantee the security of your personal information.
In the event that there is unauthorized access to, or disclosure of your personal information, or personal information is lost in circumstances where unauthorized access to, or disclosure of the information is likely to occur (Data Breach), and this is likely to result in serious harm to you or us, we will investigate and assess this Data Breach, in accordance with the Privacy Act. If required under the Act, we will notify you and the Information Commissioner of the Data Breach and will take all reasonable steps to mitigate any possible harm you may suffer.
Our website may contain links to websites operated by third parties. We are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. We encourage you to read the privacy policies that apply to those other websites before using them.
- What credit-related personal information do we collect?
The main type of credit-related personal information (as defined in the Privacy (Credit Reporting) Code (CR Code)) that we collect and use is your identification information. However, through providing goods and services to you, we may receive other types of credit-related personal information including:
- your name, contact details, and payment history;
- a statement that an 'information request' was made about you to a credit reporting body (CRB);
- publicly available information about your credit worthiness;
- any opinion of a credit provider that you have committed a serious credit infringement or fraud;
- commercial credit reports from a CRB;
- your monthly purchase amounts with us; and
- your administrative credit information, such as account and customer numbers.
We may collect personal information from, or relating to your dealings with, other credit providers (eg. banks, financial institutions, or organisations that may provide you with credit in connection with their products or services), who have collected that information from a CRB. This information may affect your credit worthiness.
- How do we collect credit-related personal information?
We usually collect credit-related personal information about you if you disclose it to us and it is relevant in providing you with our goods or services.
We may also collect it from other sources including:
- banks and other credit providers;
- other individuals and entities via trade references (ie. your suppliers and creditors);
- government bodies;
- CRBs; and
- publicly available information.
We do not specifically collect credit reports about individuals from CRBs. However, we may obtain creditrelated personal information about individuals such as proprietors, directors and sole traders when we request credit-related personal information from a CRB about an entity applying to us for commercial credit.
- How do we store credit-related personal information?
We hold your credit-related personal information in accordance with section 7 of this Policy.
- Why do we collect credit-related personal information?
We use your credit-related personal information for the purposes listed in section 2 of this Policy, as well as other purposes, including:
- assessing your application for commercial credit, and your credit worthiness;
- collecting payments;
- exercising our rights and obligations, including where you are in default with other credit providers;
- reporting details of fraud or other serious credit infringement; and
- dealing with credit-related complaints or regulatory matters.
This includes exchange of credit-related personal information with other credit providers and trade referees listed in your application or in reports provided by a CRB.
- Do we disclose your credit-related personal information to CRBs?
If you apply for any kind of credit, to the extent allowed under the Privacy Act and the CR Code, we may provide your credit-related personal information to, or collect information about you from, a CRB. A CRB may then provide that information to other credit providers to assist them to assess your credit worthiness. If you commit a serious credit infringement, we may be entitled to disclose this to a CRB.
We use the credit reporting services provided by Equifax Pty Ltd, Dun & Bradstreet (Australia) Pty Ltd and Experian Australia Credit Services Pty Ltd. Please refer to the credit reporting policies of these CRBs for details on their management of credit reporting information at:
These CRBs may include credit reporting information provided by credit providers (such as us) in reports to assist in the assessment of credit worthiness. Each CRB may use credit reporting information they hold about you for "pre-screening" for direct marketing. You have the right to request that they not use the credit reporting information for pre-screening purposes. You can also request that they not use or disclose the information if you believe on reasonable grounds that you have been or are likely to be a victim of fraud.
- Do we disclose credit-related personal information outside Australia?
We may disclose your credit-related personal information in accordance with section 4 of this Policy, to the extent we are allowed to by law.
- How can you access or correct your credit-related personal information?
You can request access to the personal information (including credit-related personal information) we hold about you by contacting us using the details set out in section 13 of this Policy. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
Depending on the nature of the request, we may charge for providing access to your credit-related personal information, however any charge will not be excessive.
To complain about an alleged privacy breach, or about the way we have handled your personal information (including credit-related personal information), you can contact us using the details set out in section 13 of this Policy. Please include your name, email address and/or telephone number and clearly describe your complaint.
We will handle complaints in a timely, effective, fair and consistent manner. We may need to consult with a CRB or another credit provider if we consider it necessary in order to investigate and deal with your complaint.
If you think that we have failed to resolve a complaint satisfactorily, we will provide you with information about the further steps you can take.
For further information about our Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:
by email: firstname.lastname@example.org
by telephone: 02 6033 8333
by post: Privacy Officer, PO Box 78, Corowa, NSW 2646
Effective: 01 May 2019