This Policy has been adopted by Grapple Invoice Finance Fund Pty Ltd (ABN 82 628 786 658).
This document sets out our policy on the management of personal information which we have about individuals. Those individuals include clients, associates of clients or debtors, to whom we may provide or may have transacted with, guarantors of both individual and company clients and individuals who may provide a guarantee, and individuals who are or become customers of our clients.
We collect and hold credit information about individuals who are clients, guarantors, debtors and associates. This information includes:
We obtain credit reporting information about individuals who are clients, guarantors, debtors and associates from credit reporting bodies. We only obtain it to the extent we are entitled to obtain it under the Privacy Act 1988. We might, for example, need to obtain the individual’s prior authorisation. Credit reporting information includes:
The personal information, other than credit information and credit reporting information, we collect and hold varies depending on the person we are dealing with and the reason why we are dealing with them. We collect this general personal information from individuals who are clients, guarantors, debtors, associates, prospective employees, contractors, suppliers, brokers, introducers, merchants, agents, professional advisers, mercantile agents, mailing houses, call centre operators, archivers and service providers. This information will generally include the individual’s name and contact details. We will only collect sensitive information about an individual with the individual’s consent or when permissible under Australian law.
Under various laws we will be (or may be) authorised or required to collect personal information about an individual. These laws include the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, Personal Property Securities Act 2009, Corporations Act 2001, Autonomous Sanctions Act 2011, Income Tax Assessment Act 1997, Income Tax Assessment Act 1936, Income Tax Regulations 1936, Tax Administration Act 1953, Tax Administration Regulations 1976, A New Tax System (Goods and Services Tax) Act 1999 and the Australian Securities and Investments Commission Act 2001 as those laws are amended and includes any associated regulations.
We collect personal information, other than credit eligibility information, about individuals in a variety of ways. For example, we may obtain the information from the individual or from persons acting on the individual’s behalf. When it is possible and practical we will collect the information directly from the individual. When it is not practical or reasonable to do so we will collect the information from a third party. The third party could be an authorised representative (such as a broker, agent, accountant or lawyer), another financial institution, a referee, an employer or a government body. When the individual is a debtor or an associate we may obtain the information from the client.
The credit eligibility information is obtained from a credit reporting body.
We take all reasonable steps to ensure that an individual’s personal information which we hold is protected from misuse, interference or loss and from unauthorised access, modification or disclosure.
We do this by having physical, electronic and procedural safeguards which protect the personal information we hold. For example, the personal information is stored in secure office premises or in secure archiving facilities and logins and passwords are required to access electronic databases.
Our staff are required to maintain the confidentiality of personal information and access to personal information is restricted to persons who require access to perform their duties.
We collect, hold, use and disclose credit information and credit eligibility information on individuals for purposes permitted by law which are reasonably necessary for our business activities. Those purposes include:
We do not hold any CP derived information.
We may disclose credit information (such as identification information) about an individual to a credit reporting body. The credit reporting body may include that information in the reports it provides to other credit providers.
We disclose credit information to the following credit reporting bodies:
Name: CreditorWatch Pty Ltd
Mail: GPO Box 276, Sydney NSW 2001
Name: Equifax Pty Ltd
Mail: PO Box 964, North Sydney NSW 2059
Name: illion Australia Pty Ltd
Mail: PO Box 7405, St Kilda Road, Melbourne VIC 3004
Name: Vix Verify Pty Ltd t/as GreenID
Mail: P.O. Box 4863, Sydney NSW 2001
Name: Rapid ID Pty Ltd
An individual has the right to request that the credit reporting body exclude his or her credit reporting information from any permissible direct marketing activities we may ask it to perform. The individual also has the right to request that the credit reporting body not use or disclose his or her credit reporting information if the individual believes that he or she has been, or is likely to be, the victim of fraud (for example, the individual suspects someone is using his or her identity details to apply for credit). The individual must contact the credit reporting body direct should this be the case.
We collect, hold, use and disclose personal information which is not credit information or credit eligibility information so that we can manage and administer the facilities which we provide. When we conduct business transactions with entities we do so to assist us in determining whether we should enter into the transaction and, if we do, to assist in managing the transaction. To provide our facilities in the most cost effective and efficient way, we may decide to utilise the services of others. If this requires that we disclose personal information we will require those persons to respect your right of privacy.
Personal information may also be used or disclosed to tell an individual about products or services that may be of interest to that individual. If the individual does not want his or her personal information used for these direct marketing purposes the individual should tell us. He or she can “opt-out” of direct marketing by sending an e-mail to or by writing to us at:
Privacy Contact Officer
Level 21, 60 Margaret Street
SYDNEY NSW 2000
An individual may access personal information (including credit eligibility information) about the individual which we hold. The individual can obtain that access by contacting our privacy contact officer as follows:
Telephone: 1 300 495 300
Mail: Privacy Contact Officer
Level 21, 60 Margaret Street
SYDNEY NSW 2000
We will need to verify the individual’s identity before giving access. We will usually provide the requested personal information within 30 days of receiving the request. There is no charge to make a request but we may levy an administration fee for providing access.
If there is a reason why we do not make the requested personal information available, we will provide our reason in writing.
If an individual considers that any personal information which we hold about the individual is incorrect in any way, the individual may ask us to correct that personal information. To seek the correction please contact our Privacy Contact Officer on the telephone number or at the e-mail or postal address above.
In certain situations, we may decide not to agree to a request to correct personal information. We will tell you in writing why we have not agreed to the correction request.
We have an internal dispute resolution system that covers complaints. That system complies with ISO 10002-2006 Customer Satisfaction – Guidelines for Complaints Handling in Organisations: sections 4, 5.1, 6.4, 8.1 and 8.2. If an individual considers that we have failed to comply with Division 3 of Part IIIA of the Privacy Act 1988, the Credit Reporting Privacy Code or the Australian Privacy Principles he or she should contact our Privacy Contact Officer on the telephone number or at the email or postal address above. We will then follow our internal dispute resolution system. We will acknowledge the complaint within 7 days. A decision will be made and advised within 30 days or a longer period as may be agreed with the individual.
If the individual is not satisfied with the decision he or she may make a complaint to the Office of the Australian Information Commissioner (the “OAIC”).
The contact details for the OAIC are: Telephone: 1300 363 992
Facsimile: (02) 9284 9666
Mail: The Office of the Australian Information Commissioner
GPO Box 5218
SYDNEY NSW 2001
Generally, we do not disclose personal information to overseas recipients or to persons that do not have an Australian link. However, we may do so. For example, if the debtor is located overseas we may need to send the client’s personal information overseas so that we can collect the debt. We may use service providers located overseas. In each case personal information is provided to an overseas recipient when this is permitted under the Privacy Act.
The countries where the overseas recipients of personal information are likely to be located are New Zealand, United States, Canada, United Kingdom, Austria, Belgium, Finland, France, Germany, China (including Hong Kong), Ireland, Italy, Ukraine, Japan, Luxembourg, Malta, the Netherlands, Portugal, Singapore, South Africa, Spain and Switzerland.
We recognise the obligation to notify affected individuals, as well as the Australian Information Commissioner, of any ‘eligible data breaches’ as defined for the purposes of Part IIIC of the Act.
“associate” means a person who is or may become an officer, shareholder or employee of the client, the guarantor or the debtor;
“client” means a person (such as a company, sole trader or partnership) to whom Grapple Invoice Finance Fund Pty Ltd has provided a debtor finance or other facility including the provision of commercial credit and includes a person who has applied for, or may apply for, a facility of that type and a person (such as a company, sole trader or partnership) from whom Grapple Invoice Finance Fund Pty Ltd has purchased or may purchase goods or services or to whom Grapple Invoice Finance Fund Pty Ltd has sold or may sell goods or services;
“debtor” means a person who owes, or may owe, an account (also known as a book debt) which the client has sold to us or may sell to us or in which the client has granted, or may grant, a security interest to us;
“guarantor” means a person who has guaranteed, or may guarantee, the obligations which a client has or may have to us; and
“we”, “us” and “our” means Grapple Invoice Finance Fund Pty Ltd (ABN 82 628 786 658).