PRIVACY POLICY

INTRODUCTION

Bano Pty Ltd ACN 643 260 431 (we, us or our) respects the privacy of all customers, third parties, suppliers and visitors (you, your or yours) and is committed to protecting your personal information. The Privacy Act 1988 (Cth) (Privacy Act) defines personal information as information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not (personal information).

This Privacy Policy applies to all personal information collected by us, or submitted to us, whether offline or online, including personal information submitted by you through our website and any mobile sites (Websites), applications, widgets and other mobile interactive features (collectively, our Apps), or through our official social media pages that we control (our Social Media Pages), as well as through HTML-formatted email messages that we send to you (collectively, the Apps, Social Media Pages and Websites, are the Sites).

This Privacy Policy describes how we deal with information we collect and demonstrates our commitment to the protection of your privacy. By visiting the Sites and otherwise providing personal information to us, you are accepting and consenting to the practices described in this Privacy Policy. If you do not agree with any of the terms of this Privacy Policy, please do not use the Sites or submit any personal information to us.

Any personal information we collect about you will only be used for the purposes we have collected it for or as allowed under applicable law, including the Privacy Act. We comply with the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act.

KINDS OF PERSONAL INFORMATION WE COLLECT

We collect personal information from you for the purposes of dealing with you and in assisting us to arrange for the products and services you request to be provided to you. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you.

The personal information we collect, and hold may include your location data, contact details, such as your name, address, telephone numbers and email address, your personal details, such as date of birth, your employment information, residential status, and information about your financial position, like your income, expenses, savings and assets, your reasons and objectives for applying for a product or service. We also hold all records of your communications and other interactions with us.

We may collect and hold identification and transaction information about you for the purpose of our compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2008 (Cth). Your identity information may be verified with the issuer or official record holder. In certain cases, we collect your personal information from third parties, such as your nominated representative (such as a legal or financial adviser), your employer, or publicly available sources of information.

HOW DO WE COLLECT PERSONAL INFORMATION

We collect personal information about you when it is reasonably necessary for one or more of our activities or functions. This personal information is collected in a number of ways, including through the Sites. For example, we may:

The provision of your personal information is voluntary. However, if you cannot, or will not, provide us with the personal information we reasonably require, we may not be able to verify your identify, assess your application for a product or service, manage our relationship with you, contact you or otherwise interact with you, perform our statutory functions, or provide you with some or all of our products and services.

USE OF PERSONAL INFORMATION

We will not collect or use your personal information unless it is lawful for us to do so. We collect and use personal information for the following purposes:

We have a legitimate interest in using your information in these ways. It is also fundamental to the nature of the service we provide. In some cases, it will be lawful for us to collect and use your personal information, for example where it is necessary as part of our, or a third party's statutory function or because the law permits or requires us to.

In addition to the specific circumstances above, we will only use your personal information with your consent (if required under applicable data protection laws) when we process your personal information to send you carefully selected marketing materials about our products and services (or those of our third party partners) by email, text or push notification, depending on your operating system settings. You have the right to opt out of receiving such direct marketing at any time by contacting us. In your request, please indicate that you wish to stop receiving marketing communications from us.

Our Sites may contain hyperlinks to websites operated by third parties. We are not responsible for the content of such websites, or the manner in which those websites handle any personal information you provide. In these cases, your personal information may be collected by this third party and not by us and will be subject to the third party's privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, this third party's use or disclosure of your personal information.

DISCLOSURE OF PERSONAL INFORMATION

We do not use your personal information or disclose it to another organisation unless it is reasonably necessary for one of the purposes described above, having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure: for example, if it is required or authorised by law or court or tribunal, it is necessary to protect the rights, property, health or personal safety of a customer, the public or our interests, and it is unreasonable or impracticable to obtain your consent, the disclosure is necessary to assist any entity, body or person to locate a person who has been reported missing, we have reason to suspect that activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in, and we believe that the collection, use or disclosure is necessary in order for us to take appropriate action, it is necessary to obtain third party services, for example to carry out data analysis or provide information processing services (where use of your information by third parties is strictly controlled), it is for one of the purposes expressly permitted under applicable data protection and privacy laws or you have provided your consent.

We may disclose your personal information to any of our related and associated companies, affiliates and subsidiaries, including those established in the future: for example, guarantors and security providers, credit bureaus, credit providers, brokers, agents, remitters, financial advisors and people who act on your behalf, organisations involved in our funding arrangements, banks and financial institutions, auditors, organisations that help identify illegal activities and prevent fraud, any data processors processing your information on our behalf, where applicable, third parties who provide related financial services or products in connection with our business such as our vendors, business partners, and any party assisting us in carrying out the purposes described above, parties which participate in joint marketing schemes with us, any agent, contractor or service provider who provides verification of identity, administrative, order processing, payment clearing, credit reference, debt collecting or other services necessary to the operation of our business, any person to whom we are, in our belief in good faith, under an obligation to make disclosure as required by any applicable law, government agencies, statutory authorities and industry regulators, our auditors, consultants, accountants, lawyers or other financial or professional advisers and our sub-contractors or third party service or product providers as may be determined to be necessary or appropriate.

OVERSEAS DISCLOSURES

We may use the services of certain third party service providers which may have offices or other operations outside of Australia. As a result, your personal information may be disclosed to recipients in those foreign countries. All service providers that have access to personal information held by us are required to keep the information confidential and not to make use of it for any purpose other than to provide financial or other services in accordance with their engagement. We will take all steps that are reasonably necessary to ensure your personal information is treated securely and in accordance with this Privacy Policy as well as applicable data protection laws.

CORRECTION / CONCERNS ABOUT PERSONAL INFORMATION

Individuals may request access to their personal information unless we are permitted by law to withhold that information. Individuals may also request the correction of any personal information which is inaccurate by contacting our Privacy Officer at privacy@banofinancial.com.

To the extent permitted by law, there are some exceptions where this access may be denied. To request access and seek the correction of personal information held by us, please email, call or write to us. We will endeavour to respond to any access or correction request within 7 working days of receipt.

If you would like any further information about our handling of personal information, or to make a complaint about our handling of your personal information, or you believe there has been a breach by us of the Privacy Act, please lodge a complaint addressed to our Privacy Officer at privacy@banofinancial.com.

Once we receive your complaint, we will respond to you within a reasonable period of time, usually within 7 working days. If you are unsatisfied with the outcome of your complaint, you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution, you may wish to take your complaint to the Office of the Australian Information Commissioner. Phone: 1300 363 992. Website: www.oaic.gov.au.

SECURITY OF PERSONAL INFORMATION

We use reasonable organisational, technical and administrative measures and security safeguards to protect, as is reasonable in the circumstances, the personal information we hold from misuse, loss, interference and/or unauthorised access, use, disclosure or alteration of information under our control. Where practicable, we implement measures to require organisations to whom disclosure is made to comply with applicable data protection and privacy laws. If a third party is given access to personal information, we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity. Unfortunately, no data transmission over the internet or data storage system can be guaranteed to be 100% secure.

We will only retain your personal information for as long as is necessary for the purpose for which that personal information was collected and to the extent permitted by applicable laws. When we no longer need to use personal information, we will remove it from our systems and records and/or take steps to anonymise it so you can no longer be identified from it.

VARIATIONS TO THE PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time by publishing an updated version on our Website and taking any further action as required by law, after which, your continued use of the Website or your provision of any further personal information will indicate your acknowledgement to the modified terms of this Privacy Policy.

This Privacy Policy was last updated on 16 January 2021.