WB Security and Privacy

1.      Your privacy is important to us

We know that how we collect, use, exchange and protect your information is very important to you and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.

Please note that during the course of our relationship with you, we may tell you more about how we handle your information. This could be when you complete an application form, or receive terms and conditions or a Product Disclosure Statement. When you receive this further information, please consider it carefully. Please also visit our website regularly as we update this policy from time to time.

Information we collect from you

We collect information about you and your interactions with us, for example when you request or use our products, phone us or visit any of our websites. When you use our website or mobile applications we may collect information about your location or activity including IP address, telephone number and whether you’ve accessed third party sites. Some of this website information we collect using Cookies.

The information we collect from you may include your identity and contact details, other personal details such as gender and marital status and financial information. Where applicable, we may also collect health information, for example for insurance purposes.

Information we collect from others

We may collect information about you from others, such as responsible entities, fund managers, trustees, service providers, agents, advisers, brokers, employers, family members or other members of the WB group of companies. For example, if you apply for life or income protection insurance, we may collect medical and lifestyle information from you or your health professionals. We may collect information about you that is publicly available, for example from public registers or social media, or made available by third parties.

Sensitive information

The Privacy Act also protects your sensitive information, such as health information that’s collected on insurance or hardship applications. If we need to obtain this type of information, we will ask for your consent, except where otherwise permitted by law.

2.      How do we use your information?

We collect, use and exchange your information so that we can:

·           establish your identity and assess applications for products and services

·           price and design our products and services

·           administer our products and services

·           manage our relationship with you

·           manage our risks and help identify and investigate illegal activity, such as fraud

·           contact you, for example if we suspect fraud or need to tell you something important

·           conduct and improve our businesses and improve the customer experience

·           comply with our legal obligations and assist government and law enforcement agencies or regulators

·           identify and tell you about other products or services that we think may be of interest to you

We may also collect, use and exchange your information in other ways where permitted by law.

3.      Who do we exchange your information with?

We may exchange your information with other members of the WB Group so that the Group may adopt an integrated approach to its customers. Group members may use this information for any of the purposes described in the section 2 above.  The WB Group includes the following:

·         WB Financial Management Pty Ltd

·         WB Credit Management Pty Ltd

·         Agentia investment products

·         Australian SuperManager (Self  Managed Super Fund Administration Service)

Third parties

We may also exchange your information with third parties where this is permitted by law or for any of the purposes mentioned above in section 2.

Third parties may include:

· responsible entities, trustees, fund managers, brokers, agents, advisers and persons acting on your behalf, for example guardians and persons holding power of attorney

· persons involved in arrangements that provide funding to us, including persons who may acquire rights to our assets (for example loans), investors, advisers, trustees and rating agencies

· claims-related providers, such as assessors and investigators, who help us with claims

· credit providers, aggregators and credit reporting agencies

· auditors, insurers and re-insurers

· government and law enforcement agencies or regulators

· direct marketing consultants

· entities established to help identify illegal activities and prevent fraud

Sending information overseas

Generally, we use systems and customer service teams located within Australia.

If we need to send your information overseas to a service provider, we will make sure that appropriate data handling and security arrangements are in place before your information is sent.

4.      Credit checks and credit reporting

When we provide you with credit assistance we do this under our Australian Credit Licence which is held by WB Credit Management Pty Ltd.  In order to finalise your request for credit assistance we will generally need to transfer your information to a credit aggregator and or a credit provider.

When you apply for credit or propose to be a guarantor, the credit provider will need to know if you’re able to meet loan repayments. They will also want to avoid giving you further credit if this would put you in financial difficulty. One of the checks they will make will involve obtaining a credit report about you from a credit ratings agency.

The Privacy Act limits the information that credit providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.

What information is exchanged with credit reporting bodies?

The information includes your identification details, what type of loans you have, how much you’ve borrowed, whether or not you’ve met your loan payment obligations and if you have committed a serious credit infringement (such as fraud). The credit provider will also ask the credit reporting body to provide them with an overall assessment score of your creditworthiness.

The credit reporting bodies may include any or all of the following:

·         Veda Advantage Information Services and Solutions Ltd,

·         Experian Australia Credit Services Pty Ltd

·         Dun & Bradstreet (Australia) Pty Ltd.

You can download a copy of their respective privacy policies at:

·       Veda

·       Experian

·       Dun & Bradstreet

What do we do with credit-related information?

We use information you supply to confirm your identity, assess the suitability of your loan and manage our relationship with you.

We store credit-related information with your other information. You can access credit-related information we hold about you, request us to correct the information and make a complaint to us about your credit-related information. Please refer to section 8 for details.

Other rights you have

Credit providers may ask credit reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you’re likely to become a victim of fraud, including identity fraud, you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.

5.      Keeping your information secure

We keep your hard-copy or electronic records on our premises and systems or offsite using trusted third parties. Our security safeguards include:

Staff education

We train and remind our staff of their obligations with regard to your information.

Taking precautions with overseas transfers and third parties

If we need to send information to third parties that handle or store data, we ensure that appropriate data handling and security arrangements are in place.

System security

When you transact with us on the internet via our website or mobile apps we encrypt data sent from your computer to our systems. We have firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses accessing our systems. When we send your electronic data outside the Group we either use secure networks or encryption. We limit access by requiring use of passwords.

Building security

We have protection in our buildings against unauthorised access such as alarms and cameras.

Where practical, we keep information only for as long as required (for example, to meet legal requirements or our internal needs).

User ID and Password Security

You are probably aware that the security of communications sent by electronic means cannot be guaranteed. When you provide information to us via the internet you do this at your own risk. We cannot accept responsibility for misuse of, loss of, or unauthorised access to, your personal information where the security of information is not within our control.

You must ensure the security and confidentiality of any username and or password used by yourself to access our website. You agree that you will be held responsible for all activities which occur under your username and password (including but not limited to publication of illegal or defamatory material or any other unlawful activity, or unauthorised charging of your credit card).

You agree that we are not responsible for the privacy or security practices of any third party and that the collection and use of your information by third parties may be subject to separate privacy and security policies.

If you suspect any misuse of, loss of, or unauthorised access to your personal information, please contact us immediately as outlined in section 8.

6.      Accessing, updating and correcting your information

Can I get access to my information?

You can ask for access to your basic information by going online or calling us.

Is there a fee?

There is no fee for making the initial request, but in some cases there may be an access charge to cover the time we spend locating, compiling and explaining the information you ask for. If there is an access charge, we’ll give you an estimate up front and confirm that you’d like us to proceed. Generally, the access charge is based on an hourly rate plus any photocopying costs or other out-of-pocket expenses. You’ll need to make the payment before we start, unless you’ve authorised us to debit your account.

How long does it take to gain access to my information?

We will endeavor to make your information available to you within 30 days of your request. Before we give you the information, we’ll need to confirm your identity.

Can you deny or limit my request for access?

In certain circumstances we’re allowed to deny your request, or limit the access we provide. For example we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll write to you explaining our decision.

Updating your basic information

It’s important that we have your correct details, such as your current address and telephone number. You can update by contacting us.  Please refer to section 8 for details.

Can I correct my information?

You can ask us to correct any inaccurate information we hold or have provided to others by contacting us using the details in section 8. If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction. We don’t charge a fee for these requests.

We’ll try to correct information within 30 days. If we can’t complete the request within 30 days, we’ll let you know the reason for the delay to agree a time frame with you to extend the period.

If we’re able to correct your information, we’ll inform you when the process is complete.

What if we disagree that the information should be corrected?

If we disagree with you that information should be corrected, we’ll let you know in writing of our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.

7.      Making a privacy complaint

We’re here to help

We accept that sometimes we can get things wrong. If you have a concern about your privacy you have a right to make a complaint and we’ll do everything we can to put matters right.

How do I make a complaint?

To lodge a complaint, please get in touch with us using the point of contact specified in section 8.

How do we handle a complaint?

We acknowledge every complaint we receive and provide our name, a reference number and contact details of the investigating officer. We keep you updated on the progress we’re making towards fixing the problem.

Usually, it takes only a few days to resolve a complaint. However if we’re unable to provide a final response to you within 45 days or 90 days for superannuation complaints, we’ll contact you to explain why and discuss a time frame to resolve the complaint.

External review

If you’re not satisfied with our handling of your matter, you can refer your complaint to external dispute resolution. We suggest you do this only once you’ve first followed our internal complaint processes.

The Financial Ombudsman Service (FOS) offers a free and independent dispute resolution service for the Australian insurance and investment industries. FOS will consider privacy disputes if they’re about the provision of credit or if the privacy issue is part of a broader dispute with us. Please contact FOS at 1300 780 808, online at www.fos.org.au or write to Financial Ombudsman Service Limited, GPO Box 3, Melbourne VIC.

For complaints about superannuation and annuities, please contact the Superannuation Complaints Tribunal at 1300 884 114, online at www.sct.gov.au or write to the Superannuation Complaints Tribunal, Locked Bag 3060, Melbourne VIC 3001.

If your complaint is about the way we handle your personal information, you can contact the Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.gov.au or writing to the Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001.

8.      How to contact us or find out more

For privacy related queries, access, correction requests, complaints or to request a printed version of this policy please email us at mail@wb.com.au .

If you want to update your direct marketing preferences or request not to receive any further direct marketing you can call us or send us an email via our contact details supplied on this web site.

For more information about the Australian Privacy Principles and credit reporting rules you can visit the Office of the Australian Information Commissioner (privacy generally) web site.

Tea Cup in Cast Iron