Bano Pty Ltd ACN 643 260 431 (we, us or our) respects the privacy of all customers, third parties, suppliers and visitors (you, your or yours) and is committed to protecting your personal information. The Privacy Act 1988 (Cth) (Privacy Act) defines personal information as information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not (personal information).
Any personal information we collect about you will only be used for the purposes we have collected it for or as allowed under applicable law, including the Privacy Act. We comply with the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act.
We collect personal information from you for the purposes of dealing with you and in assisting us to arrange for the products and services you request to be provided to you. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you.
The personal information we collect, and hold may include your location data, contact details, such as your name, address, telephone numbers and email address, your personal details, such as date of birth, your employment information, residential status, and information about your financial position, like your income, expenses, savings and assets, your reasons and objectives for applying for a product or service. We also hold all records of your communications and other interactions with us.
We may collect and hold identification and transaction information about you for the purpose of our compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2008 (Cth). Your identity information may be verified with the issuer or official record holder. In certain cases, we collect your personal information from third parties, such as your nominated representative (such as a legal or financial adviser), your employer, or publicly available sources of information.
We collect personal information about you when it is reasonably necessary for one or more of our activities or functions. This personal information is collected in a number of ways, including through the Sites. For example, we may:
The provision of your personal information is voluntary. However, if you cannot, or will not, provide us with the personal information we reasonably require, we may not be able to verify your identify, assess your application for a product or service, manage our relationship with you, contact you or otherwise interact with you, perform our statutory functions, or provide you with some or all of our products and services.
We will not collect or use your personal information unless it is lawful for us to do so. We collect and use personal information for the following purposes:
We have a legitimate interest in using your information in these ways. It is also fundamental to the nature of the service we provide. In some cases, it will be lawful for us to collect and use your personal information, for example where it is necessary as part of our, or a third party's statutory function or because the law permits or requires us to.
In addition to the specific circumstances above, we will only use your personal information with your consent (if required under applicable data protection laws) when we process your personal information to send you carefully selected marketing materials about our products and services (or those of our third party partners) by email, text or push notification, depending on your operating system settings. You have the right to opt out of receiving such direct marketing at any time by contacting us. In your request, please indicate that you wish to stop receiving marketing communications from us.
We do not use your personal information or disclose it to another organisation unless it is reasonably necessary for one of the purposes described above, having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure: for example, if it is required or authorised by law or court or tribunal, it is necessary to protect the rights, property, health or personal safety of a customer, the public or our interests, and it is unreasonable or impracticable to obtain your consent, the disclosure is necessary to assist any entity, body or person to locate a person who has been reported missing, we have reason to suspect that activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in, and we believe that the collection, use or disclosure is necessary in order for us to take appropriate action, it is necessary to obtain third party services, for example to carry out data analysis or provide information processing services (where use of your information by third parties is strictly controlled), it is for one of the purposes expressly permitted under applicable data protection and privacy laws or you have provided your consent.
We may disclose your personal information to any of our related and associated companies, affiliates and subsidiaries, including those established in the future: for example, guarantors and security providers, credit bureaus, credit providers, brokers, agents, remitters, financial advisors and people who act on your behalf, organisations involved in our funding arrangements, banks and financial institutions, auditors, organisations that help identify illegal activities and prevent fraud, any data processors processing your information on our behalf, where applicable, third parties who provide related financial services or products in connection with our business such as our vendors, business partners, and any party assisting us in carrying out the purposes described above, parties which participate in joint marketing schemes with us, any agent, contractor or service provider who provides verification of identity, administrative, order processing, payment clearing, credit reference, debt collecting or other services necessary to the operation of our business, any person to whom we are, in our belief in good faith, under an obligation to make disclosure as required by any applicable law, government agencies, statutory authorities and industry regulators, our auditors, consultants, accountants, lawyers or other financial or professional advisers and our sub-contractors or third party service or product providers as may be determined to be necessary or appropriate.
Individuals may request access to their personal information unless we are permitted by law to withhold that information. Individuals may also request the correction of any personal information which is inaccurate by contacting our Privacy Officer at firstname.lastname@example.org.
To the extent permitted by law, there are some exceptions where this access may be denied. To request access and seek the correction of personal information held by us, please email, call or write to us. We will endeavour to respond to any access or correction request within 7 working days of receipt.
If you would like any further information about our handling of personal information, or to make a complaint about our handling of your personal information, or you believe there has been a breach by us of the Privacy Act, please lodge a complaint addressed to our Privacy Officer at email@example.com.
Once we receive your complaint, we will respond to you within a reasonable period of time, usually within 7 working days. If you are unsatisfied with the outcome of your complaint, you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution, you may wish to take your complaint to the Office of the Australian Information Commissioner. Phone: 1300 363 992. Website: www.oaic.gov.au.
We use reasonable organisational, technical and administrative measures and security safeguards to protect, as is reasonable in the circumstances, the personal information we hold from misuse, loss, interference and/or unauthorised access, use, disclosure or alteration of information under our control. Where practicable, we implement measures to require organisations to whom disclosure is made to comply with applicable data protection and privacy laws. If a third party is given access to personal information, we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity. Unfortunately, no data transmission over the internet or data storage system can be guaranteed to be 100% secure.
We will only retain your personal information for as long as is necessary for the purpose for which that personal information was collected and to the extent permitted by applicable laws. When we no longer need to use personal information, we will remove it from our systems and records and/or take steps to anonymise it so you can no longer be identified from it.