What is Privacy Policy

This Privacy Policy sets out how Service One Credit Union Ltd (Service One), operating as SERVICE ONE Members Banking, handles your personal information.

Essentially, the Privacy Policy explains the sort of information Service One collects and how it is collected, used, disclosed and secured. The Privacy Policy also outlines your right of access and correction of your personal information and how you can make a complaint if you consider we have interfered with your privacy unlawfully or unjustifiably or if you consider we have not handled your personal information in accordance with the terms of this Policy.

Application of Privacy Policy

This Privacy Policy applies to all dealings between Service One on the one hand, and its members and individual members of public on the other.

Any reference to "we", "us" or "our" in this Policy is a reference to Service One.

We encourage you to check our website regularly for any updates to our Privacy Policy.

Our Commitment to Privacy

The privacy of your personal information has always been important to us at Service One. We are committed to respecting your right to privacy and protection of your personal information.

We understand that it is important for our members and individual members of the public to know how we deal with personal and sensitive information that we collect from or about them. That is why we have developed and publicised the present Privacy Policy.

For the purposes of this Privacy Policy, "Personal information" refers to any information that can be used to identify a particular individual and includes health and criminal record information.

Service One complies fully with the National Privacy Principles ("NPPs") introduced by the Privacy Amendment (Private Sector) Act 2000. You may obtain a summary of the NPPs by contacting the Privacy Officer at Service One whose contact details are stated below.

Why We Collect Personal Information

Service One is in the business of providing a variety of financial and risk management services and products to its members. As a Credit Union dedicated to the provision of high quality services and products, we naturally exercise a great deal of care to not only establish the identity of the individual member, but also the identity of any individual that the member may wish to rely on (eg a guarantor) to obtain some of the services and products we offer. Hence, the need, to collect certain types of personal information from you.

Also, we collect personal information so that we can thoroughly understand not only your financial position and needs, but also to determine the suitability of our products and services to you.

Furthermore, Service One is required under some laws (including those dealing with taxation, financial transactions reporting and the supervision of corporations and financial services providers) and under various industry and professional codes and rules of conduct, to collect certain personal information from or about the individuals with whom we deal.

In summary, our ability to provide you with appropriate financial services and products efficiently, honestly and fairly depends on the exercise of great care to collect the relevant personal, if not sensitive, information from or about you.

Types of Personal Information We Collect and Hold

Depending upon the nature or class of the financial or risk management products or services you apply for or apply to terminate, Service One may collect and hold any or a combination of the following types of information.

• Name
• Contact details
• Employment details
• Marital and family details
• Bank Account(s) details
• Assets and liabilities
• Details of investments and superannuation
• Details of insurance policies
• Details of estate planning arrangements
• Health information
• Professional service providers (eg your doctor, legal adviser, and accountant)
• Tax File Number

Also, we keep any correspondence we have with you, you provide to us or provided to us by a third party in relation to your application to acquire, continue to acquire or terminate any of the financial or risk management products or services we offer our members.

How We Collect Personal or Sensitive Information

We will only collect your personal information by lawful and fair means and not in an unreasonably intrusive way. When it is reasonable and practicable to do so, we will collect your personal information from you directly. If we collect your personal information from someone else (eg your doctor or a health professional, your accountant or a credit reporting agency), we will take reasonable steps to first, tell you why we consider the information is critical and obtain your consent to collect the information from the third party.

You are not under any obligation to provide us any or all of your personal information or to give us consent to obtain your personal information from a third party. If you fail to provide us any, full or accurate personal information that we consider is critical, of if you withhold your consent for us to obtain it from a third party, we will you the consequences of your failure to do so.

When practicable, at or before the time (or, if that is not practicable, as soon as practicable after) we collect your personal information, we will take reasonable steps to ensure that you are aware of:

• Who we are and how to contact us;
• The fact that you are able to gain access to the information and if necessary correct it;
• The purposes for which the information is collected;
• The types of persons or organisations to which we may disclose your personal information or sensitive information;
• Any law that requires us to collect the particular information; and
• The main consequences (if any) for you if you fail to provide all or any part of the information.

What We Use Personal Information For

Any information about you we collect is required and used for a particular business purpose or purposes. Any information about you may be used for any or a combination of the following purposes:

• To assess and process your application to acquire, continue to acquire or discontinue any financial or risk management products and services we provide;
• To execute your instructions.
• To obtain further information about you from a third party (including a credit reporting agency and other financial institution) and to give information about you to the third party.
• To comply with legislative and regulatory requirements;
  To perform administrative functions, including accounting, risk management, record keeping, archiving, systems development, credit scoring and staff training;
• To manage our rights and obligations in relation to external payment systems;
• To conduct market or customer satisfaction research;
• To develop, establish and administer alliances and other arrangements (including rewards programs) with other organisations in relation to the promotion, administration and use of our respective products and services;
• To develop and identify products and services that may interest you; and
  Unless you ask us not to, to provide you with information about other products and services.

Direct Marketing

You may at any time advise us that you do not wish to receive any direct marketing communication from us. You may notify us in person at any branch or notify us in writing using any of the contact details listed below. So that we may correctly identify the information to be accessed, please include your name, address and membership number in your notification.

Postal Address: Locked Bag 1 DEAKIN ACT 2600
Email: This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
Fax: (02) 6215 7171

Web Site And Internet Banking

Sometimes, we use our website to collect information about visitors to the site through the use of "cookies".

A "cookie" is a packet of information that allows the server (the computer that houses the web site) to identify and interact more effectively with your computer. When you use our website, we send you a cookie that gives you a unique identification number.

Cookies do not identify individual users, although they do identify a user's browser type and your Internet Service Provider (ISP). We use cookies as research tools only to assist us analyse and improve our website. They collect statistical information on website activity including the number of users who visit our web site, the date and time of visits, the number of pages viewed, navigation patterns, what country and what systems users have used to access the site and, when entering one of our websites from another web site, the address of that web site.

You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent. Please refer to your browser instructions or help screens to learn more about these functions. If you reject all cookies, you may not be able to use our website.

To evaluate the effectiveness of our website advertising, we may use third parties to collect statistical data. No personal data is collected on these occasions.

"eLink", our Internet Banking system, uses a range of security techniques to help protect your personal information. This includes the latest and strongest 128-bit SSL data encryption technology to help provide the best protection currently available for your password and account details and any other information exchanged with eLink.

When and How We Disclose Personal Information

In general, we will not disclose the personal and sensitive information we collect from or on you to a third party without your consent.

With your consent, it may be necessary to disclose some or all of your personal information to the following third parties:

• Credit reporting agencies;
• Other financial institutions;
• Mortgage insurers used by us and reinsurers of any mortgage insurer;
  Our agents, contractors and external advisers (including Credit Union Services Corporation (Australia) Limited ("CUSCAL")) whom we engage from time to time to carry out, or advise on, our functions and activities;
• Your agents and contractors, including your finance broker, legal adviser, financial adviser, builder and settlement agent;
• Your executor, administrator, trustee, guardian or attorney;
• Your referees, including your employer;
• Regulatory bodies, government agencies, law enforcement bodies and courts;
• Any person who introduces you to us;
• Other organisations (including CUSCAL) that we have alliances or arrangements with (including rewards programs) for the purpose of promoting our respective products and services, and any agents used by us and our business partners in administering such an arrangement or alliance;
• Anyone supplying goods or services to you in connection with a rewards program associated with a facility;
• Debt collecting agencies;
• External payment systems operators;
• Your insurers or prospective insurers and their underwriters;
• Your sureties and guarantors and prospective sureties and guarantors;
• An organisation proposing to fund the acquisition of, or to acquire, any interest in any obligation you may owe us (whether under a loan, guarantee or security), that organisation's agents, persons involved in assessing the risks and funding of the acquisition and, after acquisition, the purchaser and any manager;
• Any person to the extent necessary, in our view, in order to carry out any instruction you give to us; and
• Our legal advisers.

We will not use or disclose information collected from or about you other than for a purpose we have made known to you unless the disclosure is:

• Required by law; for example, we will disclose your personal information if we receive a request from a Government Departments (including the Australian Tax Office, Centrelink, the Australian Securities and Investments Commission and Australian Prudential Regulatory Authority) to disclose information about your situation to them;
• Is authorised by law; for example, if it is necessary to protect or defend our interests or where we have a duty to the public to disclose).

Service One undertakes not to sell, rent or trade your personal information.

We may use the personal information collected from you for the purpose of providing you with direct marketing material such as articles that may be of interest to you, however you may request not to receive such information. Please allow two (2) weeks for your request to be processed.

Personal Information About Third Parties

When you give us personal information about another person (for example, a guarantor), we will ask you to tell us whether the person has agreed to the information being given to us and whether you agree to inform that person about this Privacy Policy.

How We Store and Secure Personal Information

Your personal information is generally held in a member file and/or in a computer database.

Service One recognises how important the privacy of your personal information is to you. Accordingly, at all times we ensure that the personal information collected and held by us is protected from misuse, loss, unauthorised access, modification or disclosure.

Hard copy files are held in metal cabinets and/or restricted access areas. Metal cabinets and restricted access areas are locked during non-business hours. During business hours, only staff that have been given limited authority are allowed to access personal information.

All computer-based information is protected against unauthorised access and use. To use any of our computer system, you need a special and confidential access password. Beyond that, you will also need special access codes to enter a database. Our computers are protected by firewalls and encryption devices.

In the event you cease to be a member of Service One, any personal information that we hold about you will be maintained in a secure off site storage facility for a minimum period of 7 years in compliance with legislative and professional requirements. After that time we will take all steps practicable to destroy or permanently "de-identify" your personal information if it is no longer needed for the purpose(s) for which it was collected.

Identifiers

Service One will not store or hold your personal information under any identifier assigned by another organisation that you may provide to us. "Identifier" in this context includes a Tax File Number, Centrelink reference number, and Medicare number, but does not include your name or Australian Business Number.

Also, we will not use or disclose your identifier unless:

• The use or disclosure is necessary for us to fulfill an obligations to the organisation that has assigned the identifier;
• We reasonably believe that the use or disclosure is necessary to lessen or prevent
  • A serious and imminent threat to an individual's life, health or safety; or
  • Serious threat to public health or public safety; or
• We have reason to suspect that unlawful activity has been, is being or may be engaged in;
• The use or disclosure is required or authorised by or under law; or
• We reasonably believe that the use or disclosure is reasonably necessary for:
  • The prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;
  • The enforcement of laws relating to the confiscation of the proceeds of crime;
  • The protection of the public revenue;
  • The prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;
• The preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal.
  

Sending Personal Information to a Foreign Country

We will not send your personal information to yourself or to any person or organisation in a foreign country unless you consent to our doing so or we reasonably believe the other country has privacy laws that are substantially similar to Australia's.

Access to Your Personal Information

At any time, you may request access to your personal information. We may provide you with access to that information either by providing you with copies of the information requested, allowing you to inspect the information requested or providing you with an accurate summary of the information held.

Prior to providing you access we may ask you to provide evidence of your identity.

Whenever practicable, we will respond to any request for access within fourteen [14] days of the receiving your request. If we consider that the personal information you request access to will be complex or time-consuming to compile, we may charge a fee for processing your request.

In some cases, we will refuse you access to your personal information (including if we have reasonable grounds to believe, among other matters that:

• Providing access would have an unreasonable impact on the privacy of other individuals;
• If your request is frivolous or vexatious;
• The information relates to an existing or anticipated legal proceedings between Service One and you;
• Providing access would be unlawful;
• Denying access is required or authorised by law;
• Providing access would be likely to prejudice an investigation of a possible unlawful activity; or
• Providing access would be likely to cause damage to the security of Australia.
  

Any refusal to give you access to your personal information will be accompanied with our reasons for that refusal. In an appropriate case, and if it is reasonable, we may consider whether the use of a mutually agreed intermediary would allow sufficient access to your personal information to meet your and our needs.

Quality of the Personal Information

Before we use your personal information for any purpose, we will ensure that the information is accurate, complete and up to date. From time to time, we will review your personal information to ensure its current relevance to you and us. Because both yourself and Service One have a shared interest in ensuring that your personal information remains accurate and relevant at any given time, please let us know as soon as possible if any of the information you have provided us has changed in a material respect.

Also if you believe that the information we have about you is not accurate, complete or up to date, please contact us so that we can take all reasonable steps to correct the information.

Privacy Inquiries and Complaints

Service One is interested in hearing from you regarding any inquiries you may have about our Privacy Policy or any suggestions you may care to make about the Policy. We will endeavour to help you in whatever way we can to allay your fears about how we handle your personal information.

Also, if you consider we have in any way breached this Policy in any respect or fail to comply with any NPP, do not hesitate to contact us immediately.

Service One has created a position of Privacy Officer, whose responsibility, among others is to ensure that member and public privacy inquiries are actioned and complaints resolved as quickly as possible. The Privacy Officer is also charged with the responsibility to provide educational material to members and the public or to direct them to where they can obtain such material.

The contact details of the Privacy Officer are:

The Privacy Officer
Service One Credit Union Ltd
75 Denison Street DEAKIN ACT 2600
Postal Address: Locked Bag 1 DEAKIN ACT 2600
Email: This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
Phone: 1300 361 761
Fax: 02 6215 7171

If you are not happy with our internal privacy complaints resolution procedure, you may take your complaint to the Australian Privacy Commissioner, whose contact details are:

The Privacy Commissioner,
Level 8, Piccadilly Tower,
133 Castlereagh Street SYDNEY NSW 2000
Postal Address: GPO Box 5218 SYDNEY NSW 1042
Email: www.privacy.gov.au
Phone: 1300 363 992
Fax: 02 9284 9666