This Policy outlines how Bridgit Pty Ltd (“s“) and its related companies (“we / us / our / the Group“) collect, disclose, use, store, or otherwise handles personal and credit information.
It is important to us that we manage your personal and credit information securely and consistently with respect to the Privacy Act 1988 (Cth)(“Privacy Act“), the Australian Privacy Principles, and the Privacy (Credit Reporting) Code 2014 (as amended) (“CR Code“).
This Privacy and Credit Reporting Policy (“Policy“) explains:
1. The kinds of personal information (including credit information) we collect;
2. The purposes for which we collect this information;
3. How we manage the personal information that we collect about you;
4. How you can seek access to and correct that information; and
5. If you wish, how you can make a complaint relating to our handling of that information.
This Policy is not limited to current customers or guarantors of customers (where applicable) – it also relates to any other individuals who deal with us, whether in relation to the provision of credit or otherwise. By using our services or otherwise dealing with us, you agree to the terms of this Policy.
2.1 What is personal information?
Personal information is information or an opinion about an identified individual or about an individual who is reasonably identifiable from that information.
2.2 What is credit information?
Credit information is defined in the Privacy Act and relates to an individual’s credit-related dealings with Bridgit.
Credit eligibility information is defined in the Privacy Act and is related to an individual’s credit-related dealings with other credit providers. This includes:
1. credit reporting information, as defined in the Privacy Act, provided by credit reporting bodies; and
2. credit worthiness information, which we may derive from credit reporting information.
3.1 When do we collect personal and credit information about you?
We collect information about you and your interactions with us, including:
We may also collect information about your location or activity including your IP address, telephone number, and whether you’ve accessed third-party sites. This may include information collected directly from you and information that you authorise us to collect from third parties.
It is not mandatory for you to provide us with the personal information or credit information that we request – however, if you do not do so it may affect the products and services that we can provide to you.
3.3 What types of personal and credit information do we collect and hold?
We will collect certain personal and credit information about you depending on the circumstances in which the product or service is being provided.The types of personal and credit information we may collect from you may include (but is not limited to):
3.2 What types of personal and credit information do we collect and hold?
We collect information about you from others such as service providers, agents, your bank, advisers, brokers, employers, or family members. For example, if you apply for credit, we may need to obtain a credit report from a credit reporting body. We will also obtain bank account information from your bank throughout the term of the loan.
If you elect to use bank statements and third party account aggregation service providers in connection with our assessment of your application, you permit such third party services to access your banking transaction data linked to the online banking credentials you provide. The third party service provider will access your personal information for the purpose of providing this personal and business bank account data to us.
The third party service provider may access transactional data from any account that is associated with the login credentials that you submit. This may include personal accounts as well as business accounts. Your provision of banking login credentials to utilise such third party service providers does not provide us with your login credentials or passwords or the ability to access your internet banking (other than as stated above).
Through the use of such third party service providers, we will obtain up to the last twelve (12) months of bank transactions on the date you apply for a loan, in addition to further ongoing bank transactions for the term of the loan, for the purpose of assessing any future loan application or making a future offer to you. We note that your bank’s terms may prohibit you from sharing your login, so you agree to appoint our third party service provider as your agent to access your internet banking on your behalf solely for this purpose and you consent to our ongoing access to this information for the term of the loan and the purposes outlined above.
Should you agree to the use of such a third party service provider, you will be subject to their terms and conditions and privacy policy which will govern any act or omission of that third party service provider in connection with your use of that service.
3.4 Sensitive information
The Privacy Act protects your sensitive information, such as health information that’s collected on insurance or hardship applications. If we need to obtain sensitive information, we will ask for your consent, except where otherwise permitted by law.
3.5 Information about other people
If you provide any personal information to us about another person, you also confirm to us that you have the authority of that person to share their information with us and to permit us to hold, use and disclose their information in accordance with this Privacy Policy. You must inform the other person of their rights to access and request correction of their information set out below.
3.6 Cookies
On our website, “cookies” are generally used to record how people use our site. A cookie is small bits of information that are stored on your computer’s hard drive which record how you have used a website. Cookies help us improve and upgrade our website based on usage of the site. The use of cookies also means that when you go back to our website, the site can give you customised options based on the information the cookie has stored about your previous visit. You can generally modify the settings of your browser to prevent it from accepting cookies. While cookies do not personally identify you, they do identify your browser and the IP address from which you are accessing the site.
If you do not want us to use cookies in your browser, you can set your browser to disallow cookies or to let you know when a website is trying to put a cookie on your computer. However, you might not be able to use some aspects of our website without cookies.
We collect and use your personal and credit information in a number of ways, including to:
We may also collect, use and disclose your information in other ways where you have authorised us to do so or where permitted by law.
4.1 Direct marketing
From time to time, we may use your personal information for direct marketing purposes (for an indefinite period, including after you cease using our services). This includes sending you updates about new products and services we are offering. When we contact you, it may be by mail, telephone, email, SMS, or through any other means. We also may engage third party service providers to market to you on our behalf. When we use or disclose your personal information for the purpose of direct marketing, we will:
You may ask to be removed from our marketing lists for any or all types of direct marketing at any time by contacting us using the details set out below.
4.2 Gathering and combining data to get insights
Improvements in technology enable organisations to collect and use information to get a more integrated view of customers and provide better products and services. We may combine our customer information with information available from a wide variety of external sources (for example census or Bureau of Statistics data). We are able to analyse the data in order to gain useful insights which can be used for any of the purposes mentioned earlier in this policy. In addition, Group members may provide data insights or related reports to others, for example, to help them understand their customers better. These insights and reports are based on aggregated information and do not contain any information that identifies you.
5.1 Disclosure of personal information
In order to perform the functions and/or activities described above, we may disclose your personal information, including to:
5.2 Disclosure of credit information
We collect, use and disclose credit information for the primary purpose of conducting our business, which includes:
To enable us to assess an application by you for a credit arrangement we may:
We may, where you have given consent, give to, and obtain from, any credit provider named in your application for a credit arrangement and any credit provider that may be named in a credit report issued by a credit reporting body, information about your credit arrangements.
We may also disclose your credit information and personal information to credit reporting bodies in relation to credit-related dealings, for example where you have failed to meet payment obligations or commit a serious credit infringement. We may disclose your credit information to the following credit reporting bodies:
Equifax, Consumer Resolutions
PO Box 964
NORTH SYDNEY NSW 2059
GPO Box 276
Sydney, NSW 2001
The above credit reporting bodies are required to have a policy about how they manage credit-related personal information. This policy can be accessed on each credit reporting body’s website or by contacting them directly.
You have the right to request that the above credit reporting bodies do not use your credit reporting information for the purposes of pre-screening of direct marketing. You also have the right to request that the above credit reporting bodies do not use or disclose your credit reporting information if you believe on reasonable grounds that you have been, or are likely to be, the victim of fraud (i.e. if you suspect someone may use your identity to apply for credit). You must contact the above credit reporting bodies directly if this is the case.
5.3 What do we do with credit-related information?
We use information from credit reporting bodies to confirm your identity, assess applications for credit, manage our relationship with you and collect overdue payments. We also use this information as part of arriving at our own internal assessment of your creditworthiness.
Generally, we use customer service teams located within Australia. However, we may send your information overseas, including to overseas Group members and to service providers or other third parties who operate or hold data outside Australia. Prior to disclosing your personal and credit information to an overseas recipient, we will take all reasonable steps to ensure that:
We may also send information overseas to complete a particular transaction or where this is required by laws and regulations of Australia (as applicable) or another country.
Where we send your information overseas, it is likely to be one of the following countries:
Where we hold your personal information or credit information, we will take reasonable steps to ensure that the information is secure and that it may only be accessed by authorised persons or as otherwise set out in this Policy.
Although we take reasonable measures, we cannot guarantee that no third party will circumvent the security measures on our electronic databases or at any of our premises.
Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
If any personal information that we hold is no longer required for the purpose for which it was collected and no applicable law requires us to retain that information, we will take reasonable steps to de-identify or destroy the information.
We will use reasonable steps to ensure the personal information we hold is complete, up-to-date, and accurate, so far as it is practicable for us to do so. If your personal information changes, please contact us and let us know.
8.1 Can I get access to my information?
You have a right to seek access to your personal and credit information held by Bridgit and that right extends to correction of the information if it is inaccurate, out-of-date, or incomplete. If you wish to query the accuracy of personal information held about you or update that information, you may contact us as set out below. Additionally, Part IIIA of the Privacy Act allows individuals to obtain confirmation of whether or not we hold credit eligibility information about them, as well as gain access to, or correct, the credit information we hold in certain circumstances.
To protect your privacy and security, we will take reasonable steps to verify your identity before allowing you to access or make changes to the personal information we hold about you.
8.2 Is there a fee?
There is no fee for making the initial request. However, in some cases, where permitted by law, there may be an access charge to cover the time we spend locating, compiling, and explaining the information you ask for. If there is an access charge, we’ll give you an estimate upfront and confirm that you’d like us to proceed. Generally, the access charge is based on an hourly rate plus any photocopying costs or other out-of-pocket expenses. You’ll need to make the payment before we start unless you’ve authorised us to debit your account.
8.3 How long does it take to gain access to my information?
We try to make your information available within 30 days of your request and we will respond to your request within 20 days.
8.4 Can you deny or limit my request for access?
In certain circumstances, we’re allowed to deny your request or limit the access we provide. For example, we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll write to you explaining our decision.
We may refuse to give you access to the personal information we hold about you if we reasonably believe that giving you access would:pose a serious threat to the life, health, or safety of any individual;
have an unreasonable impact on the privacy of other individuals; orwe consider the request to be frivolous or vexatious.
8.5 Updating your basic information
It’s important that we have your correct details, such as your current address and telephone number. You can check or update your information by going online, emailing, or phoning us.
8.6 Can I correct my information?
You can ask us to correct any inaccurate information we hold or have provided to others (including credit-related information) by contacting us. If the information that is corrected is the information we have provided to others, you can ask us to notify them of the correction. We don’t charge a fee for these requests.
If your request relates to credit-related information provided by others, we may need to consult with credit reporting bodies or other credit providers. We’ll try to correct information within 30 days. If we can’t complete the request within 30 days, we’ll let you know the reason for the delay within 20 days and try to agree on a timeframe with you to extend the period.
If we’re able to correct your information, we’ll inform you when the process is complete.
8.7 What if we disagree that the information should be corrected?
If we disagree with you that information should be corrected, we’ll let you know in writing our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant, or out-of-date. We will take reasonable steps to comply with such a request.
8.8 Can I ask you not to provide my information to my broker?
If you were introduced or applied to us through a broker or other agent, we will provide them with information about each application you make with us and each loan that we provide to you. Your account will be linked to that broker and we will continue to provide them your information for each application you make with us whether that application is made through that broker or direct with us. If you do not wish us to provide your information to your broker or other agent, you must advise us by contacting privacy@bridgit.com.
9.1 We’re here to help
If you have a concern about your privacy (including credit-related matters), you have a right to make a complaint and we’ll do everything we can to put matters right.
9.2 How do I make a privacy complaint?
To lodge a complaint, please get in touch with us using your point of contact or one of the customer service teams set out in section 10. We’ll review your situation and try to resolve it as soon as possible. If you’ve raised the matter through your point of contact or through our customer service teams and it hasn’t been resolved to your satisfaction, please contact our Customer Relations team using the details in section 10.
9.3 How do we handle a privacy complaint?
We acknowledge every complaint we receive and provide you with our name, a reference number, and contact details of the investigating officer. We keep you updated on the progress we’re making towards fixing the problem.
9.4 External review of privacy complaints
If you’re not satisfied with our handling of your matter, you can refer your complaint to external dispute resolution. We suggest you do this only once you’ve first followed our internal complaint processes set out above.
If your complaint is about the way we handle your personal information you may also contact the Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.gov.au, or writing to the Office of the Australian Information Commissioner (“OAIC”), GPO Box 5218 Sydney NSW 2001.
For privacy related queries, access or correction requests, or complaints, or to request a printed version of this policy, please contact us:
Phone 1300 141 161. Our call centre is open Monday to Friday, 8am-6pm AEDT.
Email privacy@bridgit.com
We aim to resolve your query or complaint at your first point of contact with us. You can use your usual point of contact or call our customer service team.
10.1 To update your direct marketing preferences or request not to receive direct marketing
You can call us using the number above or email us.
For more information about the Australian Privacy Principles and credit reporting rules visit:
Office of the Australian Information Commissioner (“OAIC”) (privacy generally); orAustralian Retail Credit Association (“ARCA”) (credit reporting rules).
We may change this Policy at any time by changing or removing existing terms or adding new ones. Changes may take the form of a completely new Policy. We will tell you about any changes by posting an updated Policy on our website.
Any change we make applies from the date we post it on the website. By continuing to use our services you will be deemed to agree to our updated Policy.
Last updated: 19 July 2021