Download Privacy policy - PDF (139 kB)
This Privacy Policy dated March 2024 explains how Police & Nurses Limited (P&N Bank and BCU Bank are divisions of Police & Nurses Limited) (we, us, our) manages your information.
We are bound by the Australian Privacy Principles of the Privacy Act 1988 (Cth) (Privacy Act) in our handling of your personal information. We are also bound by Division 3 of Part IIIA of the Privacy Act, and the Credit Reporting Privacy Code (CR Code) in our handling of your credit-related information. References in the policy to "information" include both personal information and credit-related information.
We may tell you more about how we handle your information at the time we collect it.
This Privacy Policy sets out:
- What is personal information?
- What is credit-related personal information (credit information)?
- Collecting your information
- Laws that require or authorise us to collect, use and/or disclose your personal information
- Using your information
- Disclosing your information
- Exchanging information with credit reporting bodies
- Exchange of your personal information with credit providers
- Protecting your information
- Accessing and correcting your personal information
- Dealing with us anonymously or using an alias
- Direct marketing and your information
- Electronic communications
- Complaints, questions and concerns
- Changes to this Privacy Policy
- Definitions
1. What is personal information?
Personal information is information or an opinion (whether true or otherwise) about an identified individual, or an individual who is reasonably identifiable, such as your name or address.
Personal information may be sensitive information, which includes, for example, information about an individual's health, membership of professional bodies or religion.
2. What is credit-related personal information?
Credit-related information is a variety of personal information that includes information about your credit history or creditworthiness. It includes information about your past experiences with us and other lenders (including your consumer credit liability information), the kinds of credit products you have had or sought, how you have managed your obligations (including your repayment history information, information about defaults and serious credit infringements), information contained in a credit report about you which is obtained by us from a credit reporting body (CRB) and information about your creditworthiness that has been derived by us from such a credit report about you.
3. Collecting your information
We collect personal information (including, if you apply for or enter into a loan with us, credit information) about you and about your interactions with us, for example, transactions on your account.
The types of personal information we may collect include:
- Personal and contact details: such as your name, and contact details (e.g. residential, mailing and email addresses, contact number).
- Identity information: identification documents that enable us to identify you.
- Credit Information: if you apply for credit with us, information about your credit history including credit providers, from a credit reporting body and your reasons for seeking credit.
- Financial Information: such as information about your financial position, including your employment/income details from you and/or your employer, your expenses, assets and liabilities, anticipated or actual use of accounts you hold with us or transaction purpose. We will generally collect this information when you apply for credit with us.
- Publicly available information: such as information recorded about you in public registers maintained by a government entity e.g. ASIC Business Name Register.
When you give us personal information about another person, you agree to inform the person that we have collected their personal information, and of the contents of this Privacy Policy.
We are obligated to take extra care under the Privacy Act in our collection of your sensitive information, such as health information. If we need to collect such information, for example, in connection with assessing whether you have a pre-existing medical condition for insurance purposes, we will ask for your consent.
4. Laws that require or authorise us to collect, use and/or disclose your personal information
Certain laws require us to collect, use and/or disclose your personal information in order to provide you with products and services and meet our legislative and regulatory obligations, including:
- The Anti Money Laundering and Counter Terrorism Financing Act 2006 (Cth) to identify you and comply with our regulatory obligations and;
- If you are giving a mortgage, certain State property laws (for example, the Real Property Act 1900 in NSW)
- The National Consumer Credit Protection Act 2009 (Cth) to learn about and verify your financial situation.
- We are permitted to collect, but you are not required to provide, your Tax File Number (TFN) under the Taxation Administration Act 1953 and the Income Tax Assessment Act 1936 (Cth).
- We collect information about tax residency of other countries in order to help us comply with taxation laws, including the Common Reporting Standard, Foreign Account Taxation Compliance Act and non-resident withholding tax requirements, which are incorporated into Australian taxation laws.
If you do not provide some or all of the information we request, we may be unable to provide, or continue to provide you with a product or service.
5. Using your information
We use and exchange your information for the main purpose of providing you with a product or service and to manage our relationship with you, including to:
- identify you or to verify your identity
- verify that your information is correct
- assess, complete and process your application for any product or service that you make or for which you are signatory, guarantor or representative
- establish, provide and administer your account
- manage our relationship with you
- comply with legislative or regulatory requirements
- undertake internal processes including product development, strategic planning, risk management, pricing, and account monitoring activities
- meet our obligations in relation to external payments, credit reporting systems, government bodies and our funding arrangements
- carry out your instructions, or assist with your inquiries
- collect overdue payments
- do anything we are required or authorised by law to do
- identify and (unless you tell us not to) tell you about our products and services, and those of third parties, that might interest you
Generally, we will not use or exchange your information for any purpose other than one that:
- is set out in this Privacy Policy;
- you would reasonably expect;
- is required or permitted by law; or
- is disclosed to you and to which you have consented.
6. Disclosing your information
We may disclose your information for any of the reasons mentioned above with third parties including:
- other persons (for example your employer) to verify that it is correct
- our related bodies corporate, assignees, agents, contractors and external advisers
- our external service providers, e.g. mailing houses, IT service providers and entities to help verify your identity or identify illegal activities and prevent fraud
- your agents, referees, employer, executors, administrators, trustees, beneficiaries (if you are a trustee), or guardians
- your and our professional advisers such as lawyers, accountants and auditors
- your and our insurers or prospective insurers and their underwriters.
- any person with whom you make a joint application for a product or service
- your current and prospective co-borrowers, guarantors, co-guarantors, valuers and security providers
- any person we consider necessary to execute your instructions
- law enforcement, regulatory, government and dispute resolution bodies
- anyone who introduces you to us
- reward program providers
- payment system operators
- any financial institution to or from which a payment is made in relation to any account you have or operate
- other credit providers or financial institutions
- debt collection agencies and CRBs
- anyone who obtains an interest in a loan we provide to you or is considering doing so (for example, an assignee), and their professional advisers
We may also include your personal information on any registers relevant to services we provide, such as the Personal Property Security Register.
When we disclose your information to third parties, we limit their use and disclosure of that personal information to the specific purpose for which it is disclosed and require them to protect your information in accordance with the Privacy Act.
We may disclose your information to our systems support and administrative service providers located overseas. This may include our service providers in the Philippines, the Netherlands, the United States of America, India and the United Kingdom. Where we disclose your personal information overseas, we do so on the basis that the information will only be used for the purposes set out in this Privacy Policy.
7. Exchanging information with credit reporting bodies
If you apply for credit or provide a guarantee, you agree we may collect and disclose personal information about you from, and/or disclose it to, CRBs, including by:
- disclosing and obtaining information about your credit worthiness;
- disclosing and obtaining information about your credit history, including about your consumer credit liability information repayment history information;
- disclosing any failure by you to meet your payment obligations in relation to consumer credit and the fact that you have committed fraud or other serious credit infringement; and
- obtaining commercial credit information about you in order to assess an application by you for consumer credit.
The CRBs we may use from time to time include:
You may obtain the privacy policy of these CRBs by contacting them on the details above.
CRBs include information which we provide in reports to other credit providers to assist them to assess your creditworthiness.
You can ask a CRB not to use or disclose credit information it holds about you without your consent for an initial period of 21 days (called a "ban period") or longer if an extension has been sought and agreed by the CRB if you believe on reasonable grounds that you have been or are likely to be a victim of fraud, including identity fraud. If you are applying to be a borrower, guarantor or security provider, you agree to us accessing your personal information (including credit-related information) held with a CRB, even if there is a ban period in place, for the purposes of assessing an application for credit or in order to collect overdue payments.
CRBs may use credit-related information they hold to respond to requests from us or other credit providers to "pre-screen" you for direct marketing. You can ask a CRB not to do this. However, if you are a borrower you may still receive direct marketing from us (unless you ask not to) that has not been "pre-screened".
8. Exchange of your personal information with credit providers
If you apply for credit, you agree we may collect and disclose personal information about you from, and/or disclose it to, other credit providers for the purpose of:
- assessing an application for credit;
- collecting overdue payments, managing credit, helping you avoid default on credit obligations and taking action in the event of your fraud and other serious credit infringement; and
- providing or managing transferred loans.
9. Protecting your information
We keep your hard copy or electronic records on our premises and systems or offsite using trusted third parties. We take all reasonable steps to ensure that information we hold about you is protected from:
- misuse, interference and loss; and
- unauthorised access, disclosure or modification.
Your information is only accessible by you and those authorised to access it. Employees and third parties who deal with your information are bound by confidentiality obligations and are required to complete training about information security.
When you transact with us on the internet via our website, we encrypt data sent from your computer to our systems. We have firewalls and virus scanning tools to protect unauthorised access. When we send electronic data, we use dedicated secure networks or encryption.
When we no longer need your information, including when we are no longer legally obliged to keep records relating to you, we will destroy it or de-identify it.
10. Accessing and correcting your personal information
We take all reasonable steps to ensure that the information we may collect, use or disclose is accurate, complete and up-to-date. You have rights to access your information and correct it if it is inaccurate, out-of-date or incomplete.
You may request access to the information we hold about you at any time by contacting the Member Advocate on 1300 228 228 or at mail@bcu.com.au. We will respond to your request within a reasonable time. There is no fee for making a request but we may charge you the reasonable costs of providing our response to a request for access to personal information.
If we refuse to give you access to any of your personal information, we will provide you with reasons for the refusal and the relevant provisions of the Privacy Act on which we rely to refuse access.
You may also ask us to correct any information we hold about you by contacting us using the details noted above. We encourage you to advise us as soon as there is a change to your contact details, such as your phone number or address. We will deal with your request to correct your information in a reasonable time. If we correct your information and it is information we have provided to others we will notify them of the correction where we are required to do so by the Privacy Act. If your request to correct your information relates to information which has been provided to us by a CRB or another credit provider we may need to consult with them about your request. We will correct information, where we decide to do so, within 30 days of your request, or longer if you agree.
If we do not agree with the corrections you have requested, we are not obliged to amend your information accordingly, however, we will give you a written notice which sets out the reasons for our refusal.
11. Dealing with us anonymously or using an alias
We will generally need to know who you are in order to provide you with our products and services, or information about the products or services that you hold. In some circumstances you are entitled to deal with us anonymously, or by using a pseudonym (alias), for example when making general enquiries about the products and services we offer.
12. Direct marketing and your information
We may use your information to advertise or promote products, services, or business or investment opportunities we think may interest you, including by email or telephone. We may also provide your information to other organisations for specific marketing purposes. However, we will not do so where you tell us not to.
You can ask us not to contact you about products and services and not to disclose your information to others for that purpose by calling us on 1300 228 228.
13. Electronic communications
If you provide us with an e-mail address or mobile phone number, you consent to us using them to send you notices and reminders. Paper documents may no longer be given but there may be some documents which we are legally required to give you in hard copy. Electronic communications must be regularly checked for notices from us. To protect your privacy, you should nominate an e-mail address and/or mobile phone number accessible only by you rather than, for example, one which is accessible by your work colleagues or family members. Your consent to the giving of documents by electronic communication may be withdrawn at any time.
14. Complaints, questions and concerns
If you have any questions or concerns about this Privacy Policy you may contact the Member Advocate on 1300 228 228 or at mail@bcu.com.au.
Additionally, if you believe that in handling your personal information (including – credit related information) we have breached the Australian Privacy Principles, Part IIIA of the Privacy Act or the Credit Reporting Code and you would like to make a complaint, you may use these same contact details noted above to lodge a complaint.
Once we receive your complaint, we will respond to you as soon as possible and will let you know if we need any further information from you. We will notify you of our decision within 30 days, however if we are unable to do so, we will let you know the reason for the delay and the expected timeframe to resolve the complaint.
If you are not satisfied with our response to your complaint, or the way in which we have handled your complaint, you may contact the Australian Financial Complaints Authority (AFCA), our external dispute resolution scheme, or the Office of the Australian Information Commissioner. The contact details of these entities are as follows:
Australian Financial Complaints Authority (AFCA)
GPO Box 3
Melbourne VIC 3001
1800 931 678
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
1300 363 992
Either of these entities may forward your complaint to another external dispute resolution body if they consider that the complaint would be better handled by that other body.
15. Changes to this Privacy Policy
We may, from time to time, update this Privacy Policy without notice to you. The current Privacy Policy will always be available at https://www.bcu.com.au/important-information/privacy/.
16. Definitions
Consumer credit products: A consumer credit product would be typically known as a home loan, investment home loan, credit card and/or personal loan that is used for:
1. personal, family or household purposes, or
2. to acquire, maintain, renovate or improve residential property, or
3. to refinance credit that has been previously provided to acquire, maintain, renovate or improve residential property.
Creditworthiness: An assessment of your creditworthiness includes an assessment of your:
- eligibility to be provided with credit, (e.g. over 18 years old)
- repayment history in relation to prior credit obtained by you, and/or
- your ability to repay an amount of credit (i.e. sufficient earnings).
Credit history: A record of a borrower's responsible repayment history in relation to credit provided which can be obtained from a Credit Reporting Body. Information is sourced from banks, credit card companies, collection agencies, and government agencies.
Credit infringement: This is when you default under your contract. This can include not paying the amount required and is overdue by 60 days or more or giving false and misleading information either before or after obtaining a credit product.
Credit reporting body (CRB): A credit reporting body (CRB) is an organisation whose business involves handling personal information in order to provide another organisation with information about the credit worthiness of an individual. A consumer credit report will confirm if you have consistently met your repayments on time and/or if you have not defaulted on a repayment.
Contact details: The information required to contact someone, such as an address, phone number or email address.
Dispute resolution bodies: An independent organisation such as the Australian Financial Complaints Authority (AFCA) that assists you in the event that you are unable to reach a satisfactory agreement in relation to a complaint or dispute lodged with a financial institution.
Eligibility: Minimum criteria required to be met (e.g. age).
Guarantor: A party that gives or acts as a guarantee on an application. They guarantee to pay a main borrower’s debt if the borrower does not meet their loan repayment obligations. They usually need to pledge their own assets as a form of security.
Interaction/s: Communication or direct involvement with you. It can include face-to-face, online, phone, email, text and transaction/credit product apps.
Personal Property Security Register (PPSR): A national online database that stores information of security interests (outstanding debts etc.) on personal property such as cars, boats and most other assets apart from real estate (land or buildings). The register is administered by the Insolvency and Trustee Service Australia (ITSA) and is searchable by consumers and businesses.
Publicly available sources: Information that is generally available to a wide range of persons. Some examples include names and addresses in telephone books and information published in newspapers or other public media.
Representative: A person chosen or appointed to act or speak on behalf of another.
Signatory: A party that has signed an application for an account that they are authorised to operate.
Tax residency: This relates to those people who have taxation obligations in other countries. (e.g. US Citizen).
Handy hint: You can print or save a copy of this document as a PDF using your browser print function.