Whistleblower policy

Privacy Policy

This policy provides information as to the kind of personal information that we collect and the way we use it. In this Privacy Policy, the terms “we”, “us”, “our” or “Wingate” are references to Wingate Group Holdings Pty Ltd ACN 128 511 035 or any of its subsidiary and related/associated companies (other than Wingate Asset Management Pty Limited and Wingate Consumer Finance Pty Ltd, refer to their respective websites for specific Privacy Policies) being a related body corporate or associate of Wingate Group Holdings Pty Ltd as those expressions are defined in the Corporations Act 2001 (Cth).

The term “you”, “your” and “user” refers to you as our client, shareholder, co-investor, member, volunteer, job candidate and employee. If you are our client or co-investor, additional information about our handling of your personal information may apply, for example under a privacy declaration or terms and conditions applicable to the product or service you obtain from us.

We are committed to respecting your privacy and protecting your personal information. We are bound by privacy principles under the Privacy Act (1988) (Cth) which are applicable to private sector organisations, and other laws which govern the handling of personal information. We sometimes handle personal information relying on exemptions under these laws, for example in relation to employee records. Any permitted handling of personal information under such exemptions will take priority over this privacy policy to the extent of any inconsistency.

Personal information is defined by s6 of the Privacy Act as: information or an opinion about an identified individual, or an individual who is reasonably identifiable.


1. Information collection and use

We may collect various types of information from you. Some of this information is personal information, some is non-personal.

We may collect personal information (being information about you from which your identity is apparent or can reasonably be determined) for purposes including:

a) identifying you and investigating and protecting against fraud and unlawful activity
b) complying with laws which apply to us (including counter-terrorism financing and anti-money laundering laws), assisting regulatory authorities and protecting our lawful interests
c) arranging and/or providing financial products and services for you, including assessing applications for finance
d) establishing, managing, administering, evaluating and improving our products or services including security and risk management, service development, research and planning
e) in relation to providing credit: credit scoring, securitisation and portfolio analysis
f) responding to your queries
g) subject to our legal obligations and your requests to opt-out, to provide you with promotional information about financial and investment products and services on an ongoing basis, by any means including telephone, email and other electronic messages (we may also share your personal information with our related bodies corporate and partners for this purpose); and
h) other purposes not listed in this Privacy Policy. If we do, we will make it known to you at the time we collect, use or disclose your personal information.

We may not be able to do these things without your personal information. For example, we may not be able to provide you with our services or respond to your queries.

The types of personal information collected may include your name, address, postal or email details, financial details, credit-related personal information (see section 5 below) and other information that we may consider necessary.

Where reasonable and practicable to do so, we will generally collect your personal information directly from you. Collection can occur in a number of ways, including when you apply for or request information in relation to a product or service, either via telephone or email. Personal information may also be collected during the course of our business relationship with you for example through your use of our services. We may record your interactions with us, including through telephone conversations and emails.

Occasionally we may collect personal information about you from other sources including public sources, information brokers and third parties such as those described in the ‘Disclosure of personal information’ section below. For example, in the course of assessing your application for a loan, we may collect such information from a credit reporting agency or financier, or from your employer or your landlord. Some of the personal information we collect from you is collected to meet our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).


2. Disclosure of personal information

Depending on the circumstances, we may disclose your personal information to our agents and service providers including providers of account management, application processing, archival, auditing, debt collection, banking, insurance, valuation, mail house services, technology and data processing services; government bodies including courts and tribunals; your executor, administrator, trustee, guardian or attorney; and your agents, such as financial or legal advisers. We may also disclose personal information to other entities within the Wingate group of companies, for any of the purposes for which we may collect, use or disclose information that is set out in this policy.

We may also disclose such information as required or permitted by any law, for example in response to a subpoena or to the Australian Taxation Office, following a direction issued under taxation laws.

Some of the third parties to whom we may disclose personal information may be located in other countries. We will comply with our obligations under the Privacy Act in relation to these disclosures.


3. Accessing and correcting your personal information

To make a request to access or correct any personal information we hold about you, please contact us as set out below in section 9. We may need to verify your identity. Please provide as much detail as you can about the particular information you seek, in order to help us locate it.

We will provide our reasons if we deny any request for access to or correction of personal information. Where we decide not to make a requested correction to your personal information, and you disagree, you may ask us to make a note of your requested correction with the information.


4. Information security

We take care to protect your personal information and employ a range of technical and administrative procedures to protect such information from unauthorised disclosure or loss. We keep personal information in physical and electronic records, both at our own premises and, with the assistance of our service providers, in offsite backups.

If you are considering sending us any personal information through electronic means, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP).


5. Credit reporting

This section applies in addition to the other sections of this Privacy Policy where you apply for or obtain credit from us or apply to or guarantee or provide security in relation to that credit.

We may collect, hold, use and disclose certain credit-related personal information about you including:

  • permitted identification information e.g. names, date of birth, sex, recent and prior postal and residential addresses, employer and driver’s license number
  • your applications for credit – the fact that you have applied for credit and the amount and type of credit;
  • the identity of your current and previous credit providers
  • records of previous requests made by credit providers to credit reporting bodies (“CRBs”) for information about you in connection with commercial credit applications, guarantees and securitisation arrangements
  • information about defaults (where repayments are more than 60 days overdue, in certain circumstances)
  • where those default repayments are no longer overdue, or new payment arrangements have been agreed
  • a credit provider’s opinion that you have committed a serious credit infringement (that is, acted fraudulently or shown an intention not to comply with your credit obligations)
  • the start and end dates, credit limits and certain terms and conditions of your credit arrangements
  • information about court judgments against you
  • publicly available information relevant to your credit worthiness
  • certain insolvency information from the National Personal Insolvency Index
  • information derived by CRBs from the above information (e.g. assessments and ratings in respect of your credit worthiness); and
  • information we derive from the above information (e.g. our own assessments and ratings in respect of your credit worthiness), (“credit-related personal information”).

This information may include information about your arrangements with other credit providers as well as with us. We may disclose some of these types of information to CRBs. CRBs may use credit-related personal information to maintain records on individuals which they may share with other credit providers for those providers’ own credit assessments.

If you fail to meet your payment obligations in relation to consumer credit or commit a serious credit infringement we may be entitled to disclose this to a CRB.

The CRBs we use are:
– CreditorWatch – GPO Box 276, Sydney, NSW, 2001, and
– CV Check – PO Box 140, Osborne Park, WA 6917

You can contact those CRBs or visit their websites to see their policies on the management of credit-related personal information, including details of how to access your credit-related personal information they hold. You have the right to request CRBs not to:
– use or disclose your credit-related personal information, if you have been or are likely to be a victim of fraud; and
– use your credit-related personal information to determine your eligibility to receive direct marketing from credit providers.


6. Eligible Data Breach Management and Notification Plan

The Privacy Amendment (Notifiable Data Breaches) Act 2017 introduces the ‘mandatory data breach notification regime’. Under these new laws, Wingate must notify any eligible data breach to the Office of the Australian Information Commissioner (“OAIC”) and the affected individuals as soon as practical. Wingate’s internal Privacy policy (Breach Management and Notification Plan) clearly outlines how we swiftly identify and effectively deal with a data breach.


7. Other

In the event that any part of our business or its assets is ever sold, acquired, merged, liquidated, reorganised or otherwise transferred, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained therein to a third party acquiring the assets. While any transaction of this sort is being considered, we may also make limited relevant personal information available to prospective purchasers and legal and financial advisors and other relevant parties on a confidential basis.


8. Changes to this policy

We reserve the right to make changes to this policy. Such changes will be posted on this website and we will publish the effective date when the statement is updated.

If you have bookmarked this policy (or the Website) you will need to ensure that the bookmarked version has been updated so that you are aware of the most recent version of this policy.

Last update: June 2018


9. Contacts

If you have any questions, concerns or feedback about privacy, or would like to opt-out of direct marketing please contact our Privacy Officer as set out below:

Address: Level 48, 101 Collins Street, Melbourne VIC 3000
Phone: 03 9913 0700
Email: info@wingategroup.com.au

We take your privacy concerns seriously. Where you express any concerns that we have interfered with your privacy or conducted ourselves inconsistently with this Privacy Policy or the Credit Reporting Code, we will respond to let you know who will be handling your matter and when you can expect a further response. We aim to resolve your concerns in a fair and efficient manner within 30 days.

If your concerns are not resolved to your satisfaction you may complain to the Office of the Australian Information Commissioner in writing as set out below:

Website: www.oaic.gov.au
Address: GPO Box 5218 Sydney NSW 2001
Fax: +61 2 9284 9666
Email: enquiries@oaic.gov.au