The Privacy Act defines 'personal information' as information about an identified, or reasonably identifiable, individual (including opinions about that individual).
‘Credit information’ and ‘credit eligibility information’, are types of personal information relating to an individual’s credit-worthiness, as follows: ‘
Why does PERI collect personal and sensitive information?
PERI necessarily needs to collect certain information about the people we deal with. Collecting personal information is also required in some circumstances to meet certain legal obligations.
What kind of personal information does PERI collect and how does PERI collect it?
Generally, PERI collects and holds personal information about:
The information we collect varies, depending on the purpose, and may include (but is not limited to) name, address, contact details, employment information, credit information, credit eligibility information and marketing information.
This information may be obtained through the submission of completed forms, information provided in person or by telephone by the individuals themselves, information voluntarily supplied to PERI by the individual, or information obtained from a third party such as a credit reporting body or another credit provider.
Where required or reasonably practicable, we will obtain your express consent before collecting information about you from a third party, but in all cases if we collect personal information about you from a third party, we will take reasonable steps to ensure that you are made aware of the collection.
PERI also collects a range of credit information about individuals, including the following:
PERI usually collects this information from application forms submitted by applicants for commercial credit, from publicly available sources, such as the ASIC registers, and from credit reporting bodies, other credit providers and industry credit bureaus (such as the BICB, BTC, Veda and NSW CCS).
We also collect credit eligibility information about individuals from credit reporting bodies and other credit providers. The kinds of credit eligibility information we collect depends on the purposes for which it is collected, but it largely reflects the categories of credit information described above. PERI also derives certain information from the credit eligibility information it collects from credit reporting bodies. This derivative information generally takes the form of a credit score, which we give to applicants for the purpose of assessing applications for commercial credit and/or those applying to become guarantors.
How do we use personal information and to whom may we disclose it?
Typically, PERI uses personal information to assist us to better:
Depending on the product or service concerned, personal information may be disclosed to:
We also collect, hold, use and disclose credit information and credit eligibility information about individuals to assist us to better:
In most cases, if you do not provide information about yourself that PERI has requested, PERI may not be able to provide you with the relevant product or service.
How do we treat sensitive information?
The Privacy Act defines 'sensitive information’ as (among other things) information about a person's racial or ethnic origin, religion, membership of political bodies, trade union or other professional or trade association, sexual preferences or practices, criminal record or health. Sometimes it may be necessary for PERI to collect sensitive information.
If you provide PERI with sensitive information, it is our Policy that this information will be used and disclosed only for the purpose for which it was provided, or another directly related purpose, unless you agree otherwise, or unless use or disclosure of this information is allowed by law.
The way we use tax file numbers and information received from a credit reporting body about an individual is also restricted by law.
How do we manage personal information?
PERI trains its employees who handle personal information to respect the confidentiality of that information and the privacy of individuals.
How do we store personal information?
PERI is required by the APPs and Part IIIA of the Privacy Act to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. This includes an obligation to take reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised
access, modification or disclosure. The APPs also require PERI not to store personal information for longer than is reasonably necessary to perform its functions or activities.
PERI stores information both in hard copy paper form and in soft copy electronic form. Where the information is in hard copy and of a sensitive nature, such as pay roll or credit information, PERI will take particular steps to secure the information, such as to keep it under lock and key. Electronic information is stored using PERI’s secured IT systems.
Where PERI no longer requires any personal information that we hold, we will destroy the information.
Cross-border disclosure of personal information
PERI stores and processes personal information offshore, including in some circumstances sensitive information and credit information, and credit eligibility information. For instance, PERI backs up our information to our Head Office in Germany every night. This includes the use of Outlook for all of its internal and external email communication. All email content sent to, from and between PERI employees will also be stored offshore at PERI Head Office.
Further, PERI uses Germany Head Office to store electronic files. These files may contain personal information, including sensitive information, credit information and credit eligibility information, if such information has been submitted to PERI.
By submitting personal information to PERI or by participating in email communications with PERI staff, we will infer your consent to the disclosure of all email content to Germany Head office for storage and processing offshore. Please note that, in doing so, PERI will not be required by the Privacy Act to take reasonable steps to ensure the personal information is handled in accordance with the APPs. Further, PERI will not be liable under the Privacy Act for any breaches by the overseas recipients of the personal information, nor will the user be able to seek any remedies under that Act for what might otherwise be a breach of the APPs.
PERI takes reasonable steps to protect your personal information as you transmit your information from your computer to our site and endeavours to protect such information from loss, misuse, interference, and unauthorised access, disclosure, alteration, or destruction. Personal information will not be disclosed to overseas recipients unless PERI holds a reasonable belief that the information will remain subject to effective privacy protections and
will not be collected, held, used or disclosed by the recipients of the information in a manner inconsistent with this policy.
You should keep in mind that no Internet transmission is ever 100% secure or error-free. In particular, e-mail sent to or from other recipients may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.
How do we keep personal information accurate and up-to-date?
PERI seeks to ensure that the personal information it holds is accurate, complete and up-todate.
We realise that this information changes frequently with changes of address and other personal circumstances. We encourage you to contact PERI as soon as possible in order to update any personal information we hold about you. Our contact details are set out below.
Can you access and correct the personal information we hold about you?
You may obtain access to, and correct, any personal information which PERI holds about you (including credit eligibility information), unless one of the exceptions in the Privacy Act applies.
To make a request to access information PERI holds about you, please contact PERI in writing using the details listed below. PERI will require you to verify your identity and to specify what information you require. PERI may charge a reasonable fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
If you seek access to credit eligibility information that we hold about you, we will endeavour to provide you with access within 30 days of your request (unless unusual circumstances apply). In order to ensure that you have access to the most up-to-date information, you should also request access to the credit reporting information held by credit reporting bodies about you.
Requests to correct credit information and credit eligibility information will be assessed on a case-by-case basis.
If we are satisfied that the personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct the information within 30 days of your request, or such longer period as agreed with you in writing. In certain circumstances, we may need to consult with a credit reporting body or another credit provider to determine the accuracy or otherwise of the information.
If we correct personal information about you, we will give you written notice of the correction within a reasonable time period. We will also notify you in writing if we decide not to correct the information in accordance with the requirements of the Privacy Act.
What if you have a complaint?
PERI has an officer appointed to handle complaints. If the matter is not resolved to your satisfaction, please make contact with the relevant officer below. PERI endeavours to respond promptly to complaints.
If your complaint relates to an alleged contravention of the credit reporting provisions or the CR Code, we will acknowledge your complaint in writing within 7 days and advise you as to how we will deal with it. After investigating the complaint, we will make a decision within 30 days of the complaint being made (or such longer period as agreed with you in writing) and
notify you in writing of our decision.
Please note that if you wish to make a complaint about our handling of an access and/or correction request, you may complain directly to the Office of the Australian Information Commissioner (OAIC).
How do you contact us?
If the particular PERI branch or office is unable to deal with a privacy complaint to your satisfaction, please contact PERI Australia Pty Limited by e-mail, phone, facsimile or post:
PERI Australia Pty Limited
Attn: The Privacy Officer
116 Glendenning Road
GLENDENNING NSW 2761
Phone: (02) 8805 2300
Fax: (02) 9675 7277
E-mail: Complete the electronic form on the Contact page of our website at
www.periaus.com.au or send an email to firstname.lastname@example.org.
If you are not satisfied with our response to your complaint, you may escalate your complaint to the OAIC by calling 1300 363 992 or emailing email@example.com.
Updates to this policy