Privacy Policy

NOTE THAT WE HAVE UPDATED OUR PRIVACY POLICY EFFECTIVE 28 AUGUST 2025

(published 28 August 2025)

We are bound by the Australian Privacy Principles of the Privacy Act 1988 (Cth) and the New Zealand Privacy Principles of the Privacy Act 2020 (NZ). Any reference in this Privacy Policy to the “Privacy Act” and “Privacy Principles” is a reference to either or both of those acts and/or privacy principles as applicable.

We will protect your personal information under these Privacy Acts and will only use or disclose personal information we hold about you under this Privacy Policy or as otherwise permitted by law. We believe that respect for your privacy forms part of the ongoing trust we wish to develop with you.

“Personal information” is information about an individual either identified in the information or whose identity can be reasonably ascertained from the information (and regardless of the form of the personal information and regardless of whether it is true or not) under the Privacy Act 1988 (Cth); and/or any information about an identifiable individual (under the Privacy Act 2020 (NZ)), as applicable.

This Privacy Policy applies to personal information we collect directly from you as a member of the Capricorn Group (“Member”), authorised purchaser, a supplier or independent contractor, a prospective supplier or independent contractor, prospective, current or former employees of Capricorn Group or other individual whose personal information we collect in accordance with this Privacy Policy. It also applies to personal information we collect about you from third parties.

We can provide you with a copy of this Privacy Policy upon request.

For this Privacy Policy, we have referred to personal information as ‘information’. Unless otherwise required by the context, reference to ‘information’ does not include information that is not personal information (whether about you, your business or otherwise).

Contents of this Privacy Policy:

  1. Who is covered by this Privacy Policy?
  2. Collection of your information
  3. Using your information
  4. Disclosing information
  5. Credit reporting
  6. Processing of your information
  7. Securing your information
  8. Accessing your information
  9. Dealing with us anonymously
  10. Correcting your information
  11. Resolving your privacy issues
  12. Changes to this Privacy Policy
  13. Contact us

1. Who is covered by this Privacy Policy?

This Privacy Policy applies to Capricorn Society Limited (ACN 008 347 313) and its subsidiaries (referred to in this Privacy Policy as “we”, “us” or “our”). The subsidiaries covered include Capricorn Risk Services Pty Ltd (ACN 111 632 789), Capricorn Insurance Services Pty Ltd (ACN 154 801 37 7 and AFSL 435197), Capricorn Mutual Management Pty Ltd (ACN 129 143 479), Capricorn Travel Australia Pty Ltd (ACN 008 926 645), Capricorn 1974 Pty Ltd (ACN 600 112 829) and Capricorn Society Financial Services Pty Ltd (ACN 129 134 667) (“Capricorn Group”).

This Privacy Policy does not apply to Capricorn Mutual Ltd (ACN 104 601 194). The Privacy Policy of Capricorn Mutual Limited is available on its website (capricornmutual.com).

This Privacy Policy applies in respect of our business operations and the products and services we provide including but not limited to:

  • Your Membership with us;
  • Trade credit provided by Capricorn Society Limited;
  • Shares issued by Capricorn Society Limited;
  • Extended finance provided by Capricorn Society Limited and Capricorn Society Financial Services Pty Limited including CAP ezi-finance®;
  • Risk Services arranged through Capricorn Risk Services Pty Ltd, including general insurance brokered by Capricorn Insurance Services Pty Ltd;
  • Marketing services provided by Capricorn Society Limited including through the Purple Pages® trade directory and Ignition® magazine;
  • Competitions or promotions we may run;
  • Events including gala dinners, trade shows, golf days and BBQs provided by Capricorn Society Ltd;
  • ‘Capricorn Convention’ and other travel services provided by Capricorn Travel Australia Pty Ltd;
  • ‘Capricorn Fuel Card’ provided by Capricorn Society Ltd with our third-party service providers;
  • Capricorn Service Data® and AutoBoost® provided by Capricorn Society Ltd with our third-party service providers;
  • Capricorn Rewards Points and the Capricorn Rewards program provided by Capricorn Society Ltd with our third-party service providers;
  • Capricorn sponsorship activities;
  • Products and services we may acquire from third parties;
  • Information and content we may make available via our websites;
  • Interactions we may have with individuals visiting our offices or online via recorded meetings on Zoom or Microsoft Teams; and
  • The recruitment and engagement of our officers, employees, contractors and sub-contractors.

By providing us with information, you consent to it being used by us for the purposes set out or permitted in this Privacy Policy or as otherwise authorised.

2. Collection of your information

Why do we collect your information?

We collect your information so that we can perform various functions and activities. These functions and activities vary depending on our relationship with you. For example, we primarily collect information about you to:

  • If you are a Member or Authorised Purchaser, provide the Membership and/or associated products and services that you may request from us or that may be available to you as our Member or Authorised Purchaser. We consider you to be a Member if you are a shareholder of Capricorn. We consider you to be an Authorised Purchaser if we provide you with a credit facility and will refer to you in this document as a customer or Authorised Purchaser interchangeably.
  • If you are a prospective supplier or independent contractor, assess your suitability to be a supplier or independent contractor of the Capricorn Group and/or explore potential business or collaboration opportunities.
  • If you are a supplier or independent contractor, facilitate the provision of products or services by you to us and our Members.
  • If you are a third party, facilitate the administration or management of our claim services.
  • If you are a current or former employee, manage your employment with us, including maintaining your employment history, payroll, administrative information relating to your period of employment.
  • If you are a prospective employee, process and evaluate your application for employment.

You can find a more detailed explanation of the purposes for which we collect information in the section titled “Using your personal information” below.

We also collect your information where the law requires us to do so. Where we are legally required to collect information from you, we will give you more information at the time about which law applies and why we need that information.

If you do not provide us with the information we request, we may not be able to:

  • Assess your suitability to become a Member, Authorised Purchaser, employee, supplier or independent contractor of Capricorn;
  • Explore potential business or collaboration opportunities;
  • Provide you with the products and services that you request from us or that may be available to you as a customer or as a Member or supplier or independent contractor;
  • Manage and administer our relationship with you;
  • Notify you about other products or services or benefits associated with being a Member, Authorised Purchaser or supplier that may be of interest to you;
  • Verify your identity and protect against fraud;
  • Allow you to attend a Capricorn event or workplace;
  • Allow you to participate in a competition or promotion; or
  • Allow you to provide us with products or services.

Collecting information from you

If you are a Member or Authorised Purchaser, we collect most information directly from you when you apply for or use one or more of our products and services. For example, including but not limited to when you provide us with information when you complete an application for a trade account, register for an event, request that we broker insurance on your behalf, request us to provide any of our services to you or deal with us over the phone or use our websites (including capricorn.coop, capricornrisk.com, capricorninsurance.com.au and capricorn-travel.com.au).

If you are a supplier or independent contractor, we collect information directly from you either prior to or while you provide products or services to us.

We collect most information directly from you when you interact with us. Some or all of the information that we may collect from all individuals we interact with includes your:

  • Name;
  • Personal contact details, including addresses, phone numbers, and email addresses and gender;
  • Business contact details, including addresses, phone numbers, and email addresses of your employees, and senior managers and/or directors;
  • Voice and image;
  • Opinions or personal views;
  • Government related identifiers, such as your tax file number (in Australia), Inland Revenue Department number (in New Zealand) and GST number;
  • Date of birth;
  • Financial details relating to you personally and any business you own or are involved in such as asset and liability statements;
  • Credit history with us and with third parties including nominated trade referees and details of your trading history with them and our preferred suppliers;
  • Reports from credit reporting agencies about your creditworthiness or credit history, where applicable;
  • Transaction and correspondence history with us;
  • Number of shares held with us;
  • Bank account and credit card details;
  • Driver licence details;
  • Passport details, visa information, health issues, travel preferences and frequent flyer information relevant to your travel requirements;
  • Police record;
  • Professional experiences, qualification and expertise (if you are an independent contractor);
  • Insurance details;
  • Declarations of any conflicts of interest;
  • Payroll information, including tax numbers and codes, superannuation or saving schemes you are part of, and any bank account numbers provided to us;
  • Emergency contact information and details about next of kin;
  • Details required by third parties if you have engaged us to arrange a product on your behalf (for example, a fuel card arranged by us, rewards redeemed through the Capricorn Rewards program or insurance and risk protection arranged by us) including name, address, date of birth, gender, marital status, occupation, account details, contact details and financial information; and
  • Certain other information from time to time, which we will generally tell you about in a supplemental privacy statement.

Collecting sensitive information

Occasionally we may collect sensitive information about you, as follows:

  • Health information, such as:
    • for the purposes of considering your application for Membership, Authorised Purchaser and protection or to assess claims, or where required to confirm your compliance with government mandates, our policies or the policies of third party providers (e.g. event venues, travel providers);
    • if Capricorn Insurance Services Pty Ltd, in the provision of insurance broking services to you, is assisting to arrange workers compensation insurance or other personal insurance or assisting you with a claim you have made that involves a personal injury or your health more generally;
    • if Capricorn Travel Australia Pty Ltd is making travel arrangements or is involved with respect to insurance on your behalf; and
    • information about professional associations, any disabilities or other conditions that might impact upon your employment or on Capricorn Group’s workplace health and safety obligations; and
  • Information about your membership of professional and trade associations to assist us represent the interest of Members at an industry level when dealing with government or industry bodies.

Collecting information from someone other than you

We may collect information about you that is publicly available, such as from phone and trade directories, websites, social media and public registers (such as the companies register, business names register and the personal property securities register in Australia and New Zealand).

Wemayalsoindirectly collectinformationfrom somebody other than you, for example:

  • Credit reporting bodies if we request a commercial or consumer credit report about your credit history (see the “Credit Reporting” for more information about our credit reporting policy);
  • Land title authorities;
  • Our preferred suppliers including as you transact with them through your trade credit account;
  • Other credit providers if you put them forward as a trade or other reference;
  • Police clearance and security check providers;
  • Medical report providers;
  • Entities within the Capricorn Group, so we can better manage your relationship with us as a whole;
  • Marketing companies, event organisers, mail houses and other services providers if we use them to assist us in providing our products and services;
  • Our claims fulfillment and other service providers such as motor repairers, claims assessors, debt recovery agencies and legal firms;
  • Other insurance companies or organisations involved in processing claims;
  • Other Members, claimants and witnesses;
  • Recruitment agencies or recruitment websites (including, but not limited to, Seek, LinkedIn and Indeed); and/or
  • Identification and qualification verification providers.

Collecting information required by law

We may collect information from you because we are required or authorised to do so under law.

For example, before we can provide you with a trade credit account or any extended lending product, we are required under anti-money laundering and counter terrorism financing laws to collect certain information from you such as your driver’s licence or passport to verify your identity.

Unsolicited information

Sometimes we may receive unsolicited information about you. If so, we will check whether the information is reasonably necessary for our functions or activities and we could have collected it from you had we solicited the information. If it is, we will handle this information as we do with other information we seek from you. If not, and it is lawful and reasonable to do so, we will destroy or de-identify it.

Collecting information prospectively

We may also collect personal information about you from you or from third parties prospectively, having identified that you wish to use our products or services or to supply us with products or services.

Collecting information over the phone

When we engage with you over the phone, we may record the phone call for training and compliance purposes. We will notify you of this at the start of the call and you can tell us if you do not want the call recorded.

When you are required to make a payment to us, we will provide you with a secure link to make the payment through our third party provided online payment platform.

Collecting information from our websites

When you interact with our websites, certain information about your use of our websites is automatically collected. This may include information such as the date and time of your visit to the website, the pages accessed, curser movements on the page, documents viewed, previous sites visited, browser type, browser language, general location information, information about the device you used to visit the website and your IP address. 

This information may be collected through “cookies” or similar browser or device tracking technologies. We may link information provided by cookies with other information we hold to identify you personally.

We may use cookies for analytical purposes to improve the content and user experience of our websites. When we do this, cookies identify your browser or device, but not you personally.

We may also use cookies for functional purposes, to manage certain features of our websites including remembering your preferences and selecting and delivering personalised content to you and measuring the delivery and effectiveness of that content.

We may use service providers, including Google Analytics, to help us analyse information about your use of our websites. Information that can personally identify you is not collected by or provided to these service providers as part of the service they provide to us. The information generated about your use of our websites will be transmitted to and stored by our service providers on servers in the United States and around the world. Our service providers will use this information to provide us reports on website use and other services relating to websites. More information about how Google uses data is available from Google at www.google.com/policies.google.com/technologies/partner-sites.You can limit or prevent your information from being collected through using private browsers, and by refusing to accept cookies by selecting the appropriate settings on your browser and by installing add-ons to your browser such as the Google Analytics opt-out browser add-on. However, please note that if you do this, you may not be able to use the full functionality of the website.

We may collect and hold the following information through pixels about how our websites are accessed or used:

  • IP address, browser type, page location and visit time, document referrer, document sizes, visibility and rendering, the person using or viewing the websites (name and email address, if provided);
  • Actions taken by users, e.g. purchases or sign-ups;
  • User interactions, e.g. clicks, scrolls, mouse movements and keystrokes;
  • How viewers interact with videos, e.g. playing rate, playing count, average engagement, which parts of the videos watched, rewatched or skipped;
  • Information about script errors and other issues relating to error diagnostic situations;
  • The number of times that an online form has been viewed and/or submitted;
  • Source, medium and/or campaign that brought the user to the form such as the referee URL; and
  • (If a user is from the LinkedIn platform) LinkedIn profile information, e.g. job title, company and industry; browser type; page visit time; actions taken by user such as form submissions or purchases.

Collecting information from social networking services and vendors’ applications or platforms

You may use social networking services such as Twitter, Facebook, LinkedIn and YouTube to communicate with us. You may also receive or use our products or services as and when they are presented through our vendors’ applications or platforms. In doing so, we and/or such service providers or vendors may collect your information you have shared via those networking services, applications or platforms. Though our engagement with such social networking service providers and vendors would be based on terms including the applicable Privacy Act’s requirements, we do not have full control over such social networking services or applications or platforms, which may also collect and use your personal information for their own purposes. We are not responsible for the protection and privacy of any information which you provide while using such services, applications or platforms; and such services, applications or platforms are not governed by this Privacy Policy. They have their own privacy policies which you can access on their websites.

3. Using your information

How will we use your information?

As a Member or Authorised Purchaser, we may hold, use and disclose information we collect about you for several purposes, including, whichever applicable:

  • To provide you with information on your eligibility for Membership with us;
  • To enable us to consider your application for Membership or a product or service;
  • To verify your identity when you become a member, create an account and each time you interact with us;
  • To provide you with products or services that you request from us or that may be available to you;
  • To allow us to manage our relationship with you, including communicating with you about benefits, events or products and services you may be receiving or may receive;
  • To allow us to manage our arrangements with our preferred suppliers or other third parties that may be involved in the provision of products or services to you and to allow these same preferred suppliers and third parties to manage their arrangements with you;
  • To allow us to help a third party provide to you or manage a product or service (for example, our Rewards Program) or that when involved in broking or facilitating the provision of that product or service (for example, insurance brokered through Capricorn Insurance Services Pty Ltd or the provision of products or services through Repairify Australia) or where your access to that third party product or service is based on your relationship with us (for example; protections available from Capricorn Mutual Limited);
  • To allow us to provide you with access to products and services available from us in association with third party providers, including Capricorn Service Data® and AutoBoost®;
  • To help manage arrangements with third parties where we have appointed them as authorised representatives or outsourced functions to them that are relevant to the provision of our products or services to you;
  • To assist in our general management and administration including; rendering of accounts, risk management, governance, strategic development, systems development, credit management, debt collection, staff training, compliance and research (including market research conducted in collaboration with another party);
  • To deal with any enquiries, complaints or concerns with or against us and to manage any legal action that may arise between you and us now and in the future in relation to the provision of our services;
  • To prevent or investigate any actual or suspected fraud, illegal act or misconduct;
  • To enforce our legal rights;
  • Subject to applicable law, to facilitate a sale (or proposed sale) of our business, any of our assets or the business or assets of other parties which we acquire or may acquire or any other similar corporate transaction;
  • To facilitate competitions and sponsorship activities;
  • To conduct innovation, marketing and/or business research and/or analysis;
  • To comply with any laws, regulations, codes of practice or payment system requirements; and
  • Any other purpose permitted by law or to which you consent.

As a supplier or independent contractor (including prospective suppliers or independent contractors), we may hold, use and disclose information we collect about you for several purposes, including, whichever applicable:

  • To enable us to consider you as a potential supplier or independent contractor, including considering any tender or proposal you may submit to us.
  • To allow us to manage our relationship with you, including communicating with you about benefits, events or products and services you may be receiving or may receive.
  • To allow you to provide us and/or our Members with products and services, or us to provide you with the same.
  • To allow us to manage our business relationship with you and to contact you or allow our Members to contact you for potential service and/or good requests.
  • To allow us to manage our arrangements with Members and to allow these Members and third parties to manage their arrangements with you.
  • To assist in our general management and administration including rendering of accounts, risk management, governance, strategic development, systems development, credit management, debt collection, staff training, and compliance.
  • To deal with any enquiries, complaints or concerns with or against us and to manage any legal action that may arise between you and us now and in the future in relation to the provision of our services.
  • To prevent or investigate any actual or suspected fraud, illegal act or misconduct.
  • To enforce our legal rights.
  • Subject to applicable law, to facilitate a sale (or proposed sale) of our business, any of our assets or the business or assets of other parties which we acquire or may acquire or any other similar corporate transaction.
  • To comply with any laws, regulations, codes of practice or payment system requirements.
  • Any other purpose permitted by law or to which you consent.

As a prospective, current or former employee, we may hold, use and disclose information we collect about you for several purposes, including:

  • To consider your eligibility and suitability for employment;
  • To administer salaries and other employee entitlements;
  • To enable us to fulfil our responsibilities as your employer;
  • To maintain and manage employee records;
  • To contact you or a relative in case of an emergency;
  • For occupational health and safety reasons;
  • To conduct quality assurance and performance reviews; and
  • To comply with our legal and regulatory obligations.

In addition to the purposes above, we may hold, use and disclose information we collect about you for several purposes, including:

  • To deliver our services and products, such as by assessing, managing and/or settling protection claims;
  • To communicate with you;
  • To improve our offerings; and
  • Any other purpose permitted by law.

How will we use the information collected through pixels?

  • We may hold, use or disclose information we collect about our websites’ users (e.g. a Member, Authorised Purchaser, prospective supplier or independent contractor, supplier or independent contractor) for several purposes, including:
  • To track and understand user behaviour and interactions;
  • To gather data for analytics and optimisation;
  • To improve website performance;
  • To measure effectiveness and optimise advertisements to drive sales and/or grow our business;
  • To understand video audience behaviour and optimise video content;
  • To understand and optimise online form performance and measure effectiveness of marketing campaigns; and
  • Any other purpose permitted by law.

4. Disclosing information

Who do we disclose your information to?

Consistent with the uses of your information described above, we may disclose or transfer information about you to:

  • Our related companies, and their employees, officers, assignees and contractors;
  • Our service providers, mail-houses and external advisers;
  • Our preferred suppliers, relating to:
    • the status of your trade credit account (including if it is placed on stop credit) or any other product or service you may receive from us;
    • transactions conducted using your trade credit account;
    • your business contact and transactions details so they may direct market to you; and
    • any disputes you may have with the preferred supplier or us relating to the preferred supplier;
  • Other businesses or third parties who assist us in providing products and services to you or otherwise provide products or services to us in relation to our business (including but not limited to a third party assisting us to conduct research for the purposes of services and product improvement);
  • Third parties involved in competitions or promotions run by us, such as sponsors, judges or the providers of prizes;
  • Third party providers of industry publications, such as the Australian Automotive Aftermarket Association;
  • Organisations that verify identities or provide information on politically exposed persons;
  • Credit reporting bodies;
  • Your agents, advisers, referees, executor, administer, trustee, the beneficiary of any trust of which you are a trustee, your guardian or attorney;
  • Your current and prospective co-borrowers, guarantors, co-guarantors, covenantors and co-covenantors;
  • A dispute resolution organisation, such as the Australian Financial Complaints Authority (for the purpose of resolving disputes);
  • Law enforcement bodies, regulatory bodies and government bodies;
  • Our professional advisors, including lawyers and accountants;
  • Purchasers (or potential purchasers) of our business or any of our assets;
  • Payment system operators;
  • Related companies or agents that provide computer hosting and support services, which may be located in various countries including in Australia, New Zealand and the Isle of Man;
  • Your current and prospective insurers and risk services providers and their authorised agents or reinsurers, where you have requested services from Capricorn Insurance Services Pty Limited or Capricorn Risk Services Pty Limited or are also a Member of Capricorn Mutual Limited;
  • Capricorn Risk Services Pty Ltd to provide you access to protections available through Capricorn Group and general insurance products brokered through Capricorn Insurance Services Pty Ltd;
  • Any third party broker engaged by Capricorn Risk Services Pty Ltd including, but not limited to, PSC Connect, where you have requested services from Capricorn Risk Services Pty Ltd;
  • Capricorn Mutual Ltd and its authorised representatives Capricorn Mutual Management Pty Ltd and Capricorn Risk Services Pty Ltd to obtain and deal with your Capricorn Mutual Ltd membership and protections;
  • Any company or entity within the Capricorn Group;
  • Qualtrics, for the purpose of conducting surveys and research;
  • Recruitment agencies or recruitment websites (including, but not limited to, Seek, LinkedIn and Indeed);
  • Identification and qualification verification providers;
  • Airlines, accommodation providers and other travel service providers, where you have requested travel agency services from Capricorn Travel Australia Pty Ltd; and
  • Any other party you consent to or to which we are entitled to disclose your information pursuant to law.

Marketing and your privacy

Our focus is on people and organisations working together for the mutual benefit of all involved. As part of our services to you, we may use or share your information so that products, services or benefits that we think you may be interested in can be identified and direct marketed to you.

We, or our preferred suppliers or other third parties we have a relationship with, may contact you from time-to-time about new or existing products or services we or they offer.

We consider that direct marketing to you by us, our preferred suppliers and other third parties with which we have a relationship forms an integral part of delivering services to you and is directly related to the primary purpose for which we originally collected your information. Without such a service, the communication between you, us and our preferred suppliers and other third parties which we have a relationship with would be substantially reduced and you would be unlikely to receive the benefits and returns you expect from being one of our Members.

We may provide your information to preferred suppliers or other third parties for the purposes of that preferred supplier or third party directly marketing their products or services to you.

You can let us know at any time if you no longer wish to receive marketing materials from us, either by clicking on the opt-out link or by contacting us directly (see “Contact Us”). Also, you can let any preferred supplier, or third party know at any time if you no longer want to receive marketing materials from them.

Our direct marketing publications all include details on how you can opt-out of receiving such communication.

Overseas disclosures

We may share your information across the countries we operate in for the purposes set out or permitted in this Policy or as otherwise authorised and you hereby acknowledge that the recipients of the information may not be required to protect the information in way that, overall, provides comparable safeguards to those in your local data protection law. We operate in Australia, New Zealand and/or the Isle of Man.

Our websites and some of our products or services, or parts of them, may be hosted by or supported by service providers that operate from across the world. We and our service providers may also use cloud-based software solutions to perform internal processes and provide you with the products and services you request. This means that any information which you provide to us, including by email or through our websites or using the products and services we provide, may be transferred, used or stored outside of Australia or New Zealand. In the event that where your information is transferred outside of Australia or New Zealand by us or our service providers, the requirements of the relevant Privacy Act will be complied with.

Your information may be shared, stored, held or used by an overseas person or organisation to provide you with the products or services you have requested or may receive from us, including but not limited to these situations:

  • Capricorn Risk Services Pty Ltd and Capricorn Insurance Services Pty Ltd may provide information to overseas based insurers, agents and reinsurers connected with protections and insurance policies you may have or may be applying for;
  • Capricorn Travel Australia Pty Ltd may provide your information to overseas based travel service providers such as airlines, hotels and tour operators in connection with travel services being arranged on your behalf. Dependent on the travel services requested, those travel service providers could be located anywhere in the world including in countries where the privacy laws differ substantially from Australia. Capricorn Travel Australia Pty Ltd cannot control the activities of these travel service providers. If you engage with Capricorn Travel Australia Pty Ltd you consent to your information being provided to travel service providers without Capricorn Travel Australia Pty Ltd needing to try to ensure that the Privacy Acts will be complied with and if the recipient may not be accountable under the Privacy Acts and you may not be able to seek redress under the Privacy Acts;
  • Any company or entity within the Capricorn Group;
  • When employees in other countries in which we carry out business require the information for operational purposes;
  • When providing you with products and services available from us through, or supported by, third party providers, including Fuel Cards, the Capricorn Rewards program, Capricorn Service Data® and AutoBoost®, where those third-party providers operate in whole or in part from overseas or themselves use overseas third-party providers to provide the relevant products or services;
  • When we engage businesses in other countries (which may include countries outside of those in which we carry out business) to provide services to us in relation to our business;
  • When it is needed by related companies or agents that provide computer hosting and support services, including in Australia, New Zealand and/or the Isle of Man;
  • When you consent to the disclosure; or
  • When obtaining your consent is not practicable and we consider that the disclosure is for your benefit and that you would have consented to the disclosure, if allowed under applicable privacy laws.

5. Credit reporting

Collecting credit information

We participate in the credit reporting system. The below section contains additional information about how we manage your credit information, which is also personal information for the purpose of this Privacy Policy.

As a Member, we may obtain a credit report about you from a credit reporting body (when we have obtained your consent to do so or otherwise in accordance with applicable laws) if you:

  • Apply for credit with us (for example; trade credit or CAP ezi-finance® extended finance);
  • Put yourself forward as a covenantor or guarantor for another person applying for or receiving credit from us; or
  • Receive credit from us or are a covenantor or guarantor for another person that receives credit from

To request a credit report, we will disclose to a credit reporting body information that identifies you (such as your name, address, date of birth and driver’s licence number) and relates to the credit you are applying for or seeking to covenant or guarantee.

Credit reports contain information about your credit worthiness and credit history with other credit providers. This information may include information about your previous and current credit applications, credit facilities, credit repayment history and any payment defaults.

We will often combine information in credit reports with information we already hold about you or that has been obtained from other sources (for example, trade references from existing suppliers or any past relationship you have had with us). We may derive certain personal information about you using the credit information we hold, such as full name, date of birth, drivers licence details, addresses and employment history information.

Using credit information

Subject to applicable law, we will use this information to:

  • Assess any application you or any business you are or have been associated with make for credit;
  • Assess your suitability as a guarantor;
  • Assist in the development of new products and services or refinement of existing products and services;
  • Assist in our general management and administration including; risk management, strategic development, systems development, credit management, debt collection, staff training and research; and
  • Comply with any laws, regulations, codes of practice and payment system requirements.

Disclosing credit information to credit reporting bodies

As a participant in the credit reporting system, we may disclose information about your credit history with us to credit reporting bodies including:

  • That you receive credit from us;
  • The type and amount of credit you receive;
  • The terms of your credit;
  • Your payment history;
  • Any default or failure to make payment; and
  • Any behaviour considered by us to be adverse, such as fraud or evasion of repayment

When we inform a credit reporting body, it may then be included in credit reports that the credit reporting body then gives to other credit providers. Some of that information may reflect adversely on your credit worthiness, for example, if you fail to make payments. That information may affect your ability to get credit from other credit providers.

We may disclose information to the following credit reporting bodies:

 

Australia

New Zealand
     

illion

Phone 13 23 33

Phone 0800 733 707
 

illion.com.au

illion.co.nz
     

Equifax

Phone 13 83 32

Phone 0800 692 733
 

equifax.com.au

equifax.co.nz

Credit reporting bodies must have a policy explaining how they manage your information. You can contact these credit reporting bodies for more information about their policy or information about you that they may hold.

We will not disclose credit eligibility information to entities without the required connection to Australia or New Zealand (as applicable) under the relevant legislation.

Contact credit reporting bodies if you think you have been the victim of a fraud

You may request that a credit reporting body not use or disclose credit reporting information they hold about you if you reasonably believe that you have been or are likely to be a victim of fraud, including identity-related fraud. The period while this applies is called a "ban period". You can make such a request to the credit reporting bodies listed above.

Pre-screening assessments by credit reporting bodies

We will not use credit information that we receive from credit reporting bodies or otherwise for the purposes of direct marketing. However, for some products or services we may ask a credit reporting body to use credit information they hold to identity individuals that may be eligible for a product or service and to send those individuals information about that product or service on our behalf. This is known as “pre-screening assessments”. If you are such an eligible person you may receive this information. You may contact credit reporting bodies to say you do not want your information used in pre-screening assessments. If you do this, the credit reporting body must not use your information for the purpose of pre-screening assessments.

Resolving your credit complaints

If you have a complaint about how we have handled your credit information, including your request to access or correct credit information we hold about you, you can make a complaint to us through our Applications Team using the contact details below. We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.

You can also contact our Applications Team if you wish to opt out from our use or handling of your information, even if you have given consent before. Please note that with regards a credit application, your opt out from our use or handling of your information would mean we will or may have to withdraw our services if needed or appropriate. We will try to address any complaints we receive and provide you with a written response within 30 days or any relevant privacy regulatory required period, whichever applicable. If your complaint is not resolved to your satisfaction, you may lodge a complaint with the Office of the Australian Information Commissioner website at oaic.gov.au/privacy or the Australian Financial Complaints Authority (AFCA).

6. Processing of your information

We may process your information as described above using technologies such as artificial intelligence (AI) to enhance efficiency and/or conduct analysis relevant to the purposes described in this Privacy Policy. However, we have human oversight of AI in our compliance and decision-making processes. This means that while AI technology may be used to assist with our processes, final decisions or actions are made in a human supported framework.

7. Securing your information

How do we secure your information?

We store information in different ways, including in paper and electronic form. We have implemented technical and organisational measures to protect your information from misuse, interference and loss, and from unauthorised access, modification or disclosure, such as:

  • Physical security of business premises, including access controls;
  • Confidentiality requirements with which our employees must comply;
  • Record management policies;
  • Security measures for access to our systems (e.g. multi-factor authentication);
  • Restricting information access to persons who reasonably require access to perform their duties;
  • Control of access to our buildings; and
  • Electronic security systems, such as firewalls and data encryption on our websites.

We may store personal information in systems managed by us or our third party data storage providers (including those that may be located or host information overseas, as described above).

What happens when we no longer need your information?

Subject to other legal obligations under which we may have to retain information, we will take reasonable steps to destroy or de-identify information in accordance with our internal policies once we no longer require it for the purposes for which it was collected or for any other purpose under the Privacy Acts.

If you apply for employment with us and your application is not successful, we may retain your personal information for up to six months after the submission of your application in order to allow us to consider you for future opportunities.

8. Accessing your information

How do you access your information?

You may request details of the personal information we hold about you in certain circumstances as set out in the Privacy Acts. There is no charge for requesting access to your personal information but we may require you to pay an administrative fee to meet our reasonable expenses incurred in giving you access (such as photocopying costs or costs for time spent on collating large amounts of material). We will respond to requests within a reasonable time, subject to compliance with the applicable Privacy Act. In certain circumstances as set out in the Privacy Acts, we may refuse to provide you with information that we hold about you; and provide you with the reasons for refusal in writing, in line with the requirements of the applicable Privacy Act.

How do you access your credit information?

Where you request access to credit information about you that we have obtained from credit reporting bodies (or based on that information), you have the following additional rights.

We must:

  • Provide you access to the information within 30 days (unless unusual circumstances apply);
  • Make the information clear and accessible; and
  • Ask you to check with credit reporting bodies what information they hold about

We do not have to give you access to this information if it would be unlawful or harm the activities of an enforcement body (e.g. the police).

We may also restrict what we give you if it would harm the confidentiality of our commercial information.

If we refuse to give access to any credit eligibility information, we will tell you why in writing.

9. Dealing with us anonymously

You may be able to make general enquiries or respond to our surveys or questionnaires on an anonymous or pseudonymous basis.

However, it is generally impractical for us to offer anonymity or pseudonymity to you in relation to our main business activities, including the provision of trade credit accounts. To comply with anti-money laundering and counter terrorism financing laws we cannot provide extended credit to anyone unless we have identified them.

10. Correcting your information

How do you correct your information?

If you believe that the information we hold about you is inaccurate, out of date or incomplete, please contact us at the details below. We will respond to any request within a reasonable time, subject to compliance with the applicable Privacy Act. We will endeavour to promptly correct any information that is found to be inaccurate, incomplete or out of date. If we cannot correct your information, we will let you know why, in line with the requirements of the applicable Privacy Act.

If you believe we have given incorrect information to others, you can ask us to tell them about the correction. We will try and help where we can and, if we cannot, we will let you know in writing.

What additional things do we have to do to correct your credit information?

Whether we made the mistake or someone else made it, we must help you ask for the information to be corrected. To do this, we might need to talk to others. However, the most efficient way for you to make a correction request is to send it to the organisation which made the mistake.

If we can correct the information, we will let you know within a reasonable period of doing so. We will also let the third parties know and any others you tell us about. If there are any instances where we cannot do this, then we will let you know in writing.

If we are unable to correct your information, we will explain why in writing within a reasonable period of making this decision.

11. Resolving your privacy issues

How can you make a complaint or raise a concern?

If you believe your privacy has been breached, or you do not agree with a decision we have made about your access to or correction of information, you can make a complaint to us through our Privacy Officer using the contact details below. We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.

You can also contact our Privacy Officer if you wish to opt out from our use or handling of your information, even if you have given consent before.

We will try to address any complaints we receive and provide you with a written response within 30 days or any relevant privacy regulatory required period, whichever applicable.

Need more help?

For further information about privacy issues in Australia, you may visit the Office of the Australian Information Commissioner website at oaic.gov.au/privacy.

For further information about privacy issues in New Zealand, you may visit the Privacy Commissioner's website at privacy.org.nz.

You may also approach an independent advisor or contact the Office of the Australian Information Commissioner (if you are in Australia) or New Zealand Privacy Commissioner (if you are in New Zealand) using the details below for guidance on alternative courses of action which may be available.

The Office of the Australian Information Commissioner

Phone:

1300 363 992 or 61 2 9942 4099 404099

Email:

enquiries@oaic.gov.au

Facsimile:

+61 2 6123 5145

Website:

www.oaic.gov.au

Mail:

GPO Box 5288
Sydney NSW 2001

The Office of the New Zealand Privacy Commissioner

Phone:

0800 803 909

  

Email:

enquires@privacy.org.nz

  

Facsimile:

(04) 474 7595

  

Website:

www.privacy.org.nz

  

Mail:

PO Box 10-094

  
 

The Terrace Wellington 6143

12. Changes to this Privacy Policy

We will occasionally review this Privacy Policy. We will let you know of any changes by posting a notification on our websites and updating the date of this Privacy Policy. We encourage you to review our Privacy Policy from time-to-time for any changes. Any changes to our Privacy Policy will be effective from the date they are published on our website.

13. Contact us

We care about your privacy and always welcome your feedback. Please contact us if you have any questions about the way we handle your information.

Phone:

1800 327 437 (Australia)
 

0800 401 444 (New Zealand)

Email:

privacy@capricorn.coop

Mail:

The Privacy Officer
Capricorn Society Limited Locked Bag 3003
West Perth WA 6872 Australia