Thank you for trusting us with your information. We value that trust, and that’s why protecting your information, and being clear about how we collect, use, exchange and protect your information, is of huge importance and a vital part of our relationship with you.

1. Your privacy is important to us

This Policy outlines how Maxiron Capital (Maxiron Capital Pty Ltd and our related companies from time to time) (“we / us / the Group”) collect, disclose, use, store or otherwise handle personal information. It is important to us that we manage your personal information securely and consistently with relevant legislation, including the Australian Privacy Act 1988 (Commonwealth), the New Zealand Privacy Act 1993 and the Credit Reporting Privacy Codes for Australia and New Zealand (as applicable), as amended or replaced from time to time (Privacy Laws).

This Policy explains:

• The kinds of personal information (including credit-related information) we collect;
• The purposes for which we collect this information;
• How we manage the personal information that we collect about you;
• How you can seek access to and correction of that information; and
• If necessary, how you can make a complaint relating to our handling of that information.
• This policy does not limit our rights and obligations under Privacy Laws.

This policy is not limited to current customers or guarantors of customers (where applicable) – it relates to all other individuals who deal with us, whether in relation to the provision of credit or otherwise.

2. Information we collect from you

We collect information about you and your interactions with us, for example, when you request or use our products or services, make a card purchase or transfer money, phone us or visit any of our websites. When you use our website or mobile applications, we may collect information about your location or activity including your IP address, telephone number and whether you’ve accessed third-party sites. Some of this website information we collect using cookies.

This may include information collected directly from you and information that you authorise us to collect from third parties.

It is not mandatory for you to provide us with the personal information that we request – however if you do not do so it may affect the products and services that we can provide to you.

You agree that Maxiron Capital may refer your application to other Lender / commercial aggregator / broker.

2.1 The Personal Information we collect

We will collect certain personal information about you depending on the circumstances in which the product or service is being provided. This information can include:

Key personal information such as your name, residential and business addresses, telephone numbers, email and other electronic addresses;

Financial and related information, such as your occupation, accounts, bank account information (from prior to the loan being granted and ongoing for the term of the loan), assets, expenses, income, revenue, dependents, and regarding your employment, financial and business dealings and other relevant events;

Your transaction history (with us and our associates or relevant third parties). This information includes products you may have used with us in the past, your payment history, and the capacity in which you have dealt or deal with us.

2.2 Information we collect from others

We collect information about you from others such as service providers, agents, your bank, advisers, brokers, employers or family members. For example, if you apply for credit, we may need to obtain a credit report from a credit reporting body. We will also obtain bank account information from your bank throughout the term of the loan. We may collect information about you that is publicly available, for example, from public registers or social media, or made available by third parties.

We may use a bank statements and third party account aggregation service provider. By obtaining from you access to your internet banking, our third party service provider will access your personal information for the purpose of providing your personal and business bank account information to us. We will obtain the last six months bank transactions from the relevant bank account on the date you apply for a loan, in addition to further ongoing bank transactions for the term of the loan, for the purpose of assessing any future loan application. We note that your bank’s terms may prohibit you from sharing your login, so you agree to appoint our third party service provider as your agent to access your internet banking on your behalf solely for this purposes and you consent to our ongoing access to this information for the term of the loan and the purposes outlined above.

2.3 Sensitive information

The Australian Privacy Acts both protect your sensitive information, such as health information that’s collected on insurance or hardship applications. If we need to obtain this type of information, we will ask for your consent, except where otherwise permitted by law.

2.4 Information about other people

If you provide any personal information to us about another person, you confirm that you have the authority of that person to share their information with us and to permit us to hold, use and disclose their information in accordance with this Privacy Policy. You must inform them of their rights to access and request correction of their information set out below.

3. How do we use your information?

In many circumstances, we will collect the above information primarily from you (or from someone who is representing or assisting you). However, there are certain instances in which we will collect information about you from third parties where it is unreasonable or impracticable to collect it directly from you. For example, even where your application is for credit, we may collect information about you from a business which provides information about commercial credit worthiness for the purpose of assessing your application.

We use your information to:

• Establish your identity and assess applications for products and services.
• Price and design our products and services.
• Administer our products and services and generally carry out our business functions and activities.
• Manage our relationship with you, including fulfilling our obligations and exercising our rights under any agreement with you.
• Conduct and improve our businesses and improve our customers’ experience.
• Manage our risks and help identify and investigate illegal activity, such as fraud.
• Contact you, for example if we suspect fraud on your account or need to tell you something important.
• Comply with our legal obligations and assist government and law enforcement agencies or regulators.
• Identify and tell you about products or services offered by us, any of our Group members or any third parties that we think may be of interest to you (refer to section 3.1 below).
• We may also collect, use and exchange your information in other ways where you have authorised us to do so or where permitted by law.

3.1 Direct marketing

We may use your information for direct marketing, including by email or other electronic means. If you no longer want to receive direct marketing, you can tell us by using any of the methods set out in section 9.

3.2 Gathering and combining data to get insights

Improvements in technology enable organisations to collect and use information to get a more integrated view of customers and provide better products and services. We may combine our customer information with information available from a wide variety of external sources (for example census or Australian or New Zealand Bureau of Statistics data). We are able to analyse the data in order to gain useful insights which can be used for any of the purposes mentioned earlier in this policy. In addition, Group members may provide data insights or related reports to others, for example, to help them understand their customers better. These insights and reports are based on aggregated information and do not contain any information that identifies you.

4. Who do we exchange your information with?

We exchange your information with other members of the Group, so that the Group may adopt an integrated approach to its customers. Group members may use this information for any of the purposes mentioned in this section.

4.1 Third parties

We may exchange your information with third parties where this is permitted or required by law, or for any of the purposes mentioned in section 3.

Third parties include:

• Your co-applicant(s) (if any)
• Group members based in Australia, New Zealand or overseas
• Entities that provide services to us such as, identity verification, mailing houses or call centre operators
• Service providers, for example law firms, market research / data providers, and loyalty program redemption partners
• Service providers to whom we outsource certain functions, for example, direct marketing, statement production, debt recovery and information technology support
• Brokers, agents and advisers and persons acting on your behalf, for example guardians or persons holding power of attorney
• References that you provide to us, for example landlord details or trade references
• The supplier of any goods or services financed with credit we provide
• Guarantors or any person providing security for any service
• Persons involved in arrangements that provide funding to us, including persons who may acquire rights to our assets (for example loans), investors, advisers, trustees and rating agencies
• Claims-related providers, such as assessors and investigators, who help us with claims
• Other financial institutions such as banks and credit providers
• Auditors, insurers and re-insurers
• Employers or former employers
• Government and law enforcement agencies or regulators
• Credit reporting bodies – credit reporting bodies may collect the information we provide to them (including default information) and use it to provide their credit reporting services (see section 5 below)
• Entities established to help identify illegal activities and prevent fraud
• Any other parties that you authorise or that we are required or permitted by law to share information with.

4.2 Sending information overseas

Generally, we use customer service teams located within Australia or New Zealand. However we may send your information overseas, including to overseas Group members and to service providers or other third parties who operate or hold data outside Australia and New Zealand. Where we do this, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place. Please note that Australian and New Zealand law may not apply to some of these entities.

We may also send information overseas to complete a particular transaction or where this is required by laws and regulations of Australia, New Zealand or another country.

5. Credit checks and credit reporting

When you apply to us for credit or propose to be a guarantor, we need to know if you’re able to meet repayments under your agreement with us. We also want to avoid giving you further credit if this would put you in financial difficulty. One of our checks involves obtaining a credit report about you.

5.1 Credit reports

A credit report contains information about your credit history that helps credit providers assess your credit applications, verify your identity and manage accounts you hold with them. Credit reporting bodies collect and exchange this information with credit providers like us and other service providers such as phone companies.

The Australian Privacy Act and Credit Reporting Privacy Code (as applicable) limit the information that credit providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.

5.2 What information can we exchange with credit reporting bodies?

The information we can exchange includes:

• your identification details
• what type of loans you have
• how much you’ve borrowed
• whether or not you’ve met your loan payment obligations
• if you have committed a serious credit infringement (such as fraud).
• We also ask the credit reporting body to provide us with an overall assessment score of your creditworthiness.

The credit reporting body we use is Equifax Inc, which may change from time to time at our discretion. Your personal information will be held by these agencies on their terms.

5.3 What do we do with credit-related information?

We use information from credit reporting bodies to confirm your identity, assess applications for credit, manage our relationship with you and collect overdue payments. We also use this information as part of arriving at our own internal assessment of your creditworthiness.

We store credit-related information with your other information. You can access credit-related information we hold about you, request us to correct the information and make a complaint to us about your credit-related information. See sections 8 and 9.

5.4 Other rights you have

Credit providers may ask credit-reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you’re likely to become, a victim of fraud (including identity fraud), you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.

6. Keeping your information secure

We store your hard-copy or electronic records on our premises and systems or offsite using trusted third parties. We use reasonable endeavours to keep your personal information secure, however, this security cannot be guaranteed. Our security safeguards include:

6.1 Staff education

We train and remind our staff of their obligations with regard to your information.

6.2 Taking precautions with overseas transfers and third parties

When we send information overseas or use third parties that handle or store data, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place.

6.3 System security

When you transact with us on the internet via our website or mobile apps we encrypt data sent from your computer to our systems. We have firewalls, intrusion detection systems and virus scanning tools to help to protect against unauthorised persons and viruses accessing our systems. When we send your electronic data outside the Group we use dedicated secure networks or encryption. We limit access by requiring use of passwords and/or smartcards.