Legal Archive Privacy Policy — Effective from January 2019

Privacy Policy — Effective from January 2019

Harmoney Australia Limited

Privacy Policy and Credit Reporting Privacy Policy

This Privacy Policy is in effect from 23 January 2019

Harmoney Australia Limited and its related companies (referred to in this Privacy Policy as Harmoney, we, our or us) recognises that your privacy is very important to you and that you have the right to control your personal information.

This Privacy Policy governs the collection, use disclosure, storage and handling of your personal information by us and has been prepared in accordance with our obligations and your rights set out in the Privacy Act 1988 (Cth) and the Privacy Credit Reporting Code (where applicable).

We reserve the right to modify or amend this Privacy Policy at any time. It is recommended that you check our Privacy Policy from time to time.

This Privacy Policy explains:

  • What kind of personal information we collect (including credit related information) and what we do with that information.
  • Where we collect personal information from.
  • How we use personal information.
  • How we store personal information.
  • How you can seek access to and where applicable correct your personal information.
  • How you can make a complaint about our handling of your personal information where applicable.
  • How long we hold personal information.
  • Who you can contact for further information.

What kind of personal information we collect

We collect the personal information you give us, which may include:

  • Your personal information such as name, e-mail address, residential and business addresses, and contact telephone numbers;
  • Your financial information such as your occupation, employment, income and expenses, accounts, assets and liabilities, Tax file number and tax status;
  • Information about your transaction history (either with us or relevant third parties) such as transactions you may have had with us in the past, your payment history and the way you dealt or will deal with us;
  • Other information where relevant such as health and medical information (for example to handle a hardship application), tax file number, government identifiers, and membership of professional bodies, in so far as it is applicable to verify your identity and other personal details.

Personal information relating to credit

We may collect your credit information which may include, but is not limited to:

  • Credit application history - applications you have made to us or other credit providers including the products, the amount of credit and the start and end date of your credit application history;
  • Account identification – information about account numbers and customer identifier numbers;
  • Your payment information – a statement that an overdue payment reported to a credit reporting body has been paid by you;
  • Default Information – subject to complying with the requirements of the Privacy Act, we can disclose to a credit reporting body information about payments owed by you to third parties (including a borrower or guarantor) under a consumer credit contract, that has remained overdue for more than 60 days;
  • Repayment History information – information about payments you owe us or any other credit provider that is overdue by 60 days;
  • Creditworthiness – information such as your credit scores, credit ratings, and creditworthiness;
  • Court proceedings about you – such as information about a judgement made against you in a court of law, relating to credit provided to you or whether you have been declared bankrupt or insolvent. This includes information on the National Insolvency Index, debt arrangements made by you, insolvency agreements entered into by you, and orders , authorities and directions under the Bankruptcy Act in relation to your property;
  • Variation of contract arrangements – such as either a new arrangement you make with us to vary your consumer credit contract as a result of you being overdue in your payments and about which we have notified a credit reporting body, or the provision of new credit;
  • Information in the public domain about your activities and creditworthiness in any state or territory in Australia, information in the National Personal Insolvency Index not relating to court proceedings, information that we have been provided about a serious credit infringement you have committed – a credit infringement includes fraudulently obtaining or attempting to obtain consumer credit or fraudulently evading or attempting to evade your consumer credit obligations or not intending to comply with consumer credit obligations and if you have not been contactable for over a period of 6 months;

How the Privacy Policy applies to Credit Related information under the Privacy Act

We may collect two types of consumer credit related information:

  • Credit information – this is information relating mainly to your credit related dealings with us which we can disclose to a Credit Reporting body that reports on your creditworthiness (CRBs);
  • Credit eligibility information(CEI)– this is information provided to us by CRBs which may include your credit related dealings with other credit providers, CEI also includes your credit worthiness information we derive from data provided by a CRB for example, credit scores, credit ratings and evaluations about you and your creditworthiness.

If we hold or collect CEI or credit information this Privacy Policy will also apply to that information.

Where we collect your personal information from

We collect personal information through this Site by the following means:

  • By you or a co-applicant contacting us enquiring about information about us and the services we provide.
  • When you register on the Site as a Borrower or as an Investor.
  • When you participate in any promotions we may make available, or competitions that we may run, through this Site.

Who we may use to collect your personal information from

  • Our agents
  • Your employers, accountants, lawyers, referees, banks, landlords, guarantors, financial advisors,
  • Third parties you may have had dealings with
  • CRBs and Credit providers for credit information
  • CRBs and identification service providers for identification information
  • Publicly available information
  • Card schemes
  • Insurers
  • Your executors, administrators or persons holding Powers of Attorney on your behalf
  • Our service providers like debt collection agencies, introducers, professional advisers, direct debit companies, private investigators,
  • Professional organisations
  • Public and subscribed databases
  • Any persons considered necessary to carry out your instructions and Government authorities.

Purposes for which we may collect, hold, use and disclose your personal information

Personal information we collect about you will only be held used and disclosed for our business purposes and as required or permitted by the law. We may use your personal information for the following purposes:

  • Responding to queries
  • Providing you with information about us
  • Making a decision to provide you with our services, as requested by you including evaluating your creditworthiness or whether to accept you as a guarantor
  • Providing you with information about the services we provide
  • Verifying your identity, and carrying out credit and other checks, for the purpose of registering you as a Borrower or as an Investor
  • Managing the products and services we provide
  • Managing your scheduled repayments and one off repayments with direct debit companies
  • Preventing and defending instances of fraud, unlawful conduct and other risks to you and our products and services
  • Internal and external complaint resolution and assisting other credit providers to do so
  • Enforcing our rights including debt collection and where necessary instituting legal proceedings
  • Undertaking securitisation activities and other activities relating to funding and capital requirements
  • Providing your personal information when requested by our funders and investors
  • Enabling our associated entities and selected other entities to promote their products and services
  • Meeting legal and regulatory requirements imposed on us
  • Marketing products and services provided by us and our related entities
  • Compiling statistical data e.g credit scoring information
  • Participating in credit reporting systems and providing information to CRBs as permitted under the Privacy Act and Credit Reporting Privacy Code
  • Dealing with serious credit infringement and assisting other credit providers to do the same
  • Complying with specific Australian laws that make it mandatory for us to collect your personal information and other laws which make it necessary in order for us to comply with our obligations. These laws currently include:-
    1. National Consumer Credit Protection Act
    2. Anti Money Laundering and Counter Terrorism Financing Act
    3. Personal Property Securities Act and State and Territory real property and security interests laws
    4. Financial Sector (Collection of Data) Act
    5. Corporations Act and other regulatory legislation
    6. Tax Administration Act, Income Tax Assessment Act and other taxation laws.

Disclosing your information to third parties including overseas

Where permitted under the Privacy Act, we may disclose information about you (including your identity) to a third party including:

  • Carrying out credit and identity checks
  • Co-borrowers - If you have registered as a Borrower and you have asked someone else to register as a co-borrower, each of you acknowledge, agree and consent to Harmoney providing your personal information to the other of you. Harmoney will be entitled to accept instructions from either of you in respect of the access to, use of, and amendment to, your personal information by Harmoney
  • Law enforcement agencies
  • Conducting legal proceedings or other investigations
  • Enabling Investors, prospective Investors, and the trustee who uses Investor funds to make loans to you, to comply with their customer due diligence and other obligations under any applicable legislation
  • Related entities in Australia and overseas
  • Entities providing services to us such as legal and financial services, market research and data providers and mailing houses and call centre operators
  • Our Funders and Investors
  • Suppliers of goods and services that are financed with the credit we provide
  • Retailers where the payments or credit services provided by us involves payments to the retailers for goods and services provided by them
  • Assignees or potential assignees or where we act as an agent or on behalf of another person
  • Financial institutions such as banks and credit providers
  • Direct Debit companies who manage your scheduled and one off repayments
  • Insurers, assessors, underwriters, brokers and other distributors
  • Government and regulatory bodies in Australia and overseas
  • Originations involved in debt assignment or securitisation arrangements
  • Debt Collectors and other enforcement bodies
  • Entities involved in our business or who acquire an interest in our business
  • Third parties who are authorised to act on your behalf such as accountants, lawyers, referees, attorney under a Power of Attorney or Guardianship arrangements.

Some of these entities may be located overseas and may not have an Australian link. For example we may employ service providers in India, Fiji or the Philippines. If you ask us to make a payment to an overseas retailer, we will provide information to those retailers or banks or financial institutions overseas who process those payments. They are not our service providers and we do not control how they handle your information.

Disclosing your Credit Information to third parties including CRBs

By accessing and using this Site, and providing your personal information to us, you acknowledge and agree that you understand that if we disclose your personal information to CRBs for the purpose of us providing services to you, the CRBs may hold your information on their credit reporting database and use it for providing credit reporting services, including your credit worthiness and for any other lawful purpose and that the CRB may disclose your information to their subscribers for the purpose of credit checking or debt collection or for any other lawful purpose.

CRBs to whom we may disclose your information include:

  1. Dun & Bradstreet
    Phone: 1300 734 806
    Address: Attention D&B Public access centre – PO Box 7405, St Kilda,
    VIC 3004
  2. Equifax
    Phone: 1300 762 207
    Address: Attention Equifax Public Access – P O Box 964, North Sydney,
    NSW 2059
  3. Experian Australia Credit Services Pty Ltd
    Phone: 1300 783 684
    Address: Experian Australia Credit Services Pty Ltd
    Attention: Consumer Support Team
    GPO Box 1969, North Sydney NSW 2060

Your rights in relation to CRBs

You are entitled under the Privacy Act to opt out of direct marketing pre screenings where CRBs use your credit information for the purposes of marketing their products and services. In addition if you believe that you have been or are likely to be a victim of fraud you can request the CRB not to disclose your credit information subject to time limits prescribed by the Privacy Act during this banning period.

Marketing communications

By accepting the terms of this Privacy Policy and providing us with your personal information, you agree to us using that personal information for the purpose of informing you or providing your information to our related entities to market our products and services.

How we store personal information

We store personal information electronically on our systems and in paper based form. The personal information is kept safe and secure using generally accepted standards of security. Where our service providers hold your information we require them to adhere to our standards of security and confidentiality.

A data breach has occurred if personal information that we hold is subject to unauthorised access or disclosure or is lost. In the event of a data breach, we will assess and respond to the data breach in accordance with our applicable policies and procedures. Our policies and procedures have been developed in accordance with guidance from the Office of the Australian Information Commissioner on handling data breaches and the requirements under Part IIIC of the Privacy Act. If a data breach may cause you loss or harm – financial or otherwise – we will promptly notify you of the data breach so that you can manage the loss or harm.

How you can access or correct your personal information (including credit information)

You have rights to request under the Privacy Act access to or correction of the personal information we hold about you and to make a privacy complaint. This is subject to the exceptions under the Privacy Act and as long as it is reasonable and practicable. To access your personal information please contact our Privacy Officer on 1300 042 766 or by emailing us at

You may request that the personal information we hold about you be corrected if it is misleading, inaccurate, incomplete or irrelevant by contacting our Privacy officer on 1300 042 766 or by emailing us We take every step where reasonably practicable to ensure that the personal information we collect, use and disclose is accurate, complete and up to date. If we do not agree to your request for information we will notify you of this and give you the reason and what steps you should take.

As some of the information we hold about you may be of a sensitive nature, we will need to verify the identity of anyone requesting access to your personal information. Any request for information must be as specific as possible so we can accommodate your request. Access will be provided within 30 days of your request.

We can refuse access to your information if:

  • Access would be unlawful,
  • Denying access is required or authorised under Australian law or an order of a court or tribunal,
  • Access would prejudice enforcement action or appropriate action relating to unlawful activity or serious misconduct.

Privacy complaints and disputes

The Privacy Act gives you rights to make a complaint if you reasonably believe that we have not complied with our Privacy obligation including obligations relating to consumer credit information under Part 111 of the Privacy Act and the Credit Reporting Code. If you believe this is the case please contact our Privacy Officer on 1300 042 766 or by emailing

We will acknowledge receipt of your complaint within 7 days and we will endeavour to investigate and resolve complaints within 30 days of receipt of the complaint.If we need more time we will notify you of the reasons why and seek your agreement to extend the 30 day period. If you do not agree We may not be able to resolve your complaint. We may consult with a CRB or other third parties to investigate and resolve complaints about credit related information.

If you reasonably believe that your complaint has not been handled satisfactorily, you may contact our external disputes resolution scheme (EDR Scheme) Credit & Investments Ombudsman on 1800 138 422 or at PO Box A252 Sydney South NSW 1235.

How long we hold personal information

We will keep your personal information only for as long as necessary to achieve the purpose we collected it for and in all cases for such periods as we are required to in order to comply with any relevant legislation and regulations.

Who you can contact for further information

If you have any queries about this Privacy Policy or personal information we have collected please contact us at or:

  • by calling the Harmoney Contact Centre on 1300 042 766
  • by writing to Harmoney at the address listed on