This Policy applies to Purple Circle Financial Services Pty Ltd (Purple Circle) and all our Credit Representatives/Authorised Representatives (Representatives) and their staff. The privacy of your personal information is important to us. We are committed to respecting your right to privacy and protecting your personal information. We are bound by the National Privacy Principles in the Privacy Act 1988. Our staff and Representatives are trained to respect your privacy in accordance with our standards, policies and procedures.
We receive services to support the broking services we give you. We receive mortgage aggregation services from Finsure Aggregation Services. Sometimes they collect personal information about customers to manage customer enquiries or complaints, commission payments or file reviews. If you want to find out how they manage your personal information, please click on the link below:
If you have any questions about this, please do not hesitate to contact us.
As a credit service provider, we are subject to certain legislative and regulatory requirements under the National Consumer Credit Protection Act 2009 and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. These require us to obtain personal information about you including (but not limited to):
If you do not provide your information to us, it may not be possible to provide you with our services.
If you want to make purchases from (or through) us we will also collect your payment information. We will also collect this information if we need to make payments to you.
If you apply for employment with us we will collect information about your work history and ask your referees about you. If you apply to become a Purple Circle Representative we will collect information to enable us to assess whether you meet accepted industry standards.
Sometimes we will collect information about you from other sources as the Privacy Act 1988 permits. We will do this only if it’s reasonably necessary to do so, for example, where:
You can appoint us as your agent and authorise us to obtain your credit information (including both consumer and commercial credit reporting and eligibility information) from a credit reporting body on your behalf. You can also authorise us to use that information to assist us to provide you with credit assistance.
We will only collect sensitive information about you with your consent. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health.
We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising and dealing with you.
We don't usually collect unsolicited personal information. Where we receive unsolicited personal information, we'll determine whether or not it would have been permissible to collect that personal information if it had been solicited. If we determine that collection would not have been permissible, to the extent permitted by law, we'll destroy or de-identify that personal information as soon as practicable.
You can deal with us anonymously where it is lawful and practicable to do so. For example, if you make general inquiries about financial advisers near to your location, interest rates or current lender promotional offers.
We collect your personal information for the purpose of providing you with credit services such as:
We may use your personal information to tell you about other service providers, with whom we have arrangements, that supply goods or services that may be of interest to you.
We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. If you do not wish to receive information relating to other products and services please contact us at any time.
If you apply to become a Representative or apply for employment with us we will collect information about you to assist us to decide whether to appoint you.
We collect payment information in order to process your payments.
In order to provide you with credit services and to operate our business activities we will need to disclose your personal information to third parties. The organisations that we are likely to disclose information about you to include:
In certain circumstances we may need to collect your tax file, Medicare or pension card number. We do not use or disclose this information other than for the purpose it was collected, authorised by law or if you have asked us to disclose this information to a third party. We will never use a government identifier to identify you.
We may also disclose your personal information to any other organisation that may have or is considering having an interest in our business. For example, a potential purchaser/organisation involved in the proposed sale of our (or our Representatives) business for the purpose of due diligence, corporate re-organisation and transfer of all or part of the assets of our business. Disclosure will be made in confidence and it will be a condition that no personal information will be used or disclosed by them.
We may disclose your personal information to overseas entities that provide support functions to us. You may obtain more information about these entities by contacting us.
Where your personal information is disclosed we will seek to ensure that the information is held, used or disclosed consistently with the National Privacy Principles.
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. We will take reasonable steps to make sure this is the case. This way we can provide you with better service. If you believe your personal information is not accurate, complete or up to date, please contact us. If we refuse to correct your personal information we will provide you with our reasons within 30 days.
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse and loss and unauthorised access, modification or disclosure. Some of the ways we do this are:
We may use cloud storage to store personal information we hold about you. The cloud storage and the IT servers may be located outside Australia.
We take care to ensure that the personal information you give us on our website is protected. For example, our website has electronic security systems in place including the use of firewalls. User identifiers, passwords or other access codes may also be used to control access to your personal information.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
You can gain access to your personal information. This is subject to some exceptions allowed by law.
We may refuse to provide you with access, such as where the information relates to existing or anticipated legal proceedings, if the request is vexatious or if the information is commercially sensitive. If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint.
We ask that you provide your request for access in writing (for security reasons) and we will provide you with access to that personal information.
We will provide you access within 30 days if it is reasonable and practicable to do so, but in some circumstances it may take longer (for example, if we need to contact other entities to properly investigate your request).
We do not usually charge you for access to your personal information. However, if the request is complex, we may charge you the marginal cost of providing the access, such as staff costs of locating and collating information or copying costs. If charges are applicable in providing access to you, we will disclose these charges to you prior to providing you with the information.
A data breach occurs when personal information held by us is lost or subjected to unauthorised access or disclosure. If we suspect or know of a data breach, we will take immediate steps to limit any further access or distribution of the affected personal information or the possible compromise of other information.
When we have reasonable grounds to believe that a data breach is likely to result in serious harm – for example identity theft, significant financial loss or threats to physical safety we will notify individuals at likely risk as soon as practicable and make recommendations about the steps they should take in response to the data breach. We will also notify the Office of the Australian Information Commissioner.
Notifications will be made using our usual method of communicating with you such as by a telephone call, email, SMS, physical mail, social media post, or in-person conversation. If we are unable to contact you, (or your nominated intermediary) by any of the above methods we will publish a statement on the front page of our website and place a public notice on our reception desk.