Phone: 02 4322 0044
Griffith-Jones & Associates has opted into complying with the Privacy Act 1988 (Cth) (the Act). We are therefore voluntarily bound by the Australian Privacy Principles which are set out in Schedule 1 to the Act, as amended from time-to-time.
This policy sets out how we comply with each of the Australian Privacy Principles.
Australian Privacy Principle 1 - open and transparent management of personal information
Personal information is defined in section 6A of the Act as:
“information or an opinion about an identified individual, or an individual who is reasonably identifiable:
We intentionally collect only the personal information that is reasonably necessary for us to provide our Debt Collection and Receivables Management Services (the Services) to our clients.
The kinds of personal information we intentionally collect and hold about an individual is generally limited to their:
Australian Privacy Principle 2 - anonymity and pseudonymity
The nature of the Services we provide requires us to deal directly with specified individuals, or with their nominated representative. For that reason, it is impracticable for us to deal with individuals who have not identified themselves, as doing so may impact the privacy of others.
The Act requires us to collect personal information about an individual only from that individual, unless it is unreasonable or impracticable to do so.
Australian Privacy Principle 3 - collection of solicited personal information
As to how we intentionally collect personal information, we collect it by lawful and fair means when:
If we become aware of other means of collecting personal information, we will update and re-publish this policy.
We do not hold debtors’ bank account or credit card details on file. If and when we are given those details for the purpose of the debtor facilitating a payment from their nominated account, we do not hold/retain the account details on file. Instead, we use the secure online PayWay banking system provided by Westpac Banking Corporation.
Australian Privacy Principle 4 - dealing with unsolicited personal information
A creditor on whose behalf we act may occasionally send us unsolicited personal information about their debtors. That unsolicited personal information may include a debtor’s:
Unsolicited personal information, if any, of the type just described, forms part of the creditor’s own records regarding the amount owed to them by the debtor.
Any such unsolicited personal information may be held by us as part of a debtor’s transaction history, however it is not used by us, nor disclosed by us to third parties, nor is it selectively deleted from our current records.
We may also collect unsolicited personal information when a debtor volunteers certain information, such as their employment status. This information may become part of the debtor’s communication history with us, which we make available to the creditor as part of our regular reporting.
Other unsolicited personal information we could potentially collect could include any information sent to us by the debtor or another person using the “contact us” option on our website. Except for the purpose of responding to any such enquiry, we will not retain unsolicited personal information received in this manner beyond the point at which the enquiry has been resolved.
We may destroy the unsolicited personal information as soon as practicable but only if it is lawful and reasonable to do so, as allowed by the Act. Alternatively, the unsolicited personal information may be dealt with as if we had solicited its collection.
Australian Privacy Principle 5 - notification of the collection of personal information
When first engaged by a client to deliver the Services, we write to a debtor at the address given to us.
That letter identifies us; our contact details; on whose behalf we act; and the purpose of our writing to the debtor. It will specify the amount owed by the debtor, and, if applicable, the repayment (instalment) amounts and frequency which have been agreed between the creditor and the debtor. The debtor is offered payment alternatives which do not necessarily require disclosure by the debtor of their banking details.
By way of that letter, the debtor is therefore notified that we have collected (and may also be seeking to collect) their personal information to facilitate their repayment of the debt.
We may subsequently collect other personal information, such as that obtained from a field investigator engaged to facilitate the collection of monies owed. It may be impracticable for us to notify the debtor of the subsequent collection of such personal information.
Australian Privacy Principle 6 - use or disclosure of personal information
We will not use or disclose an individual’s personal information except:
If a debtor discloses personal information, which is relevant to the collection of monies owed by them, that personal information may form part of a computerised file note of a conversation held, or correspondence received. The disclosure therefore becomes part of our reporting to our client.
When we have to engage a field investigator to pursue contact with a debtor, the relevant personal information (e.g. debtor’s name and contact details) are necessarily provided to that investigator.
Otherwise, we will only use and disclose personal information when we reasonably believe that its use and disclosure is required or authorised by or under an Australian law, or is reasonably necessary for one or more enforcement-related activities conducted by, or on behalf of, an enforcement body.
We will always limit, to the minimum necessary, the amount of personal information we use or disclose.
Australian Privacy Principle 7 - direct marketing
We do not engage in direct marketing, nor are we likely to.
We will update and re-publish this policy if at any time we begin to engage in direct marketing.
Australian Privacy Principle 8 - cross-border disclosure of personal information
We do not disclose personal information to cross-border jurisdictions, nor are we likely to.
We will update and re-publish this policy if at any time we begin to engage in cross-border transactions which involve, or could involve, the disclosure of personal information.
Australian Privacy Principle 9 - adoption, use or disclosure of government related identifiers
The Services we provide do not involve the use or otherwise of government-related identifiers. For example, we will never collect an individual’s Tax File Number, or Medicare or Department of Human Services’ client numbers.
Australian Privacy Principle 10 - quality of personal information
The personal information we hold is only as accurate, up-to-date, complete and relevant as that provided to us by our clients, or, as advised to us by a debtor. Therefore, in order to facilitate the collection of monies owed to a client, we will need to be advised by them, or by the debtor, of any change of contact details.
If a debtor provides us with amended contact details, we will provide those updated details to our client.
Australian Privacy Principle11 - security of personal information
We will take such steps as are reasonable in the circumstances to protect the personal information we collect from misuse, interference and loss, and also from unauthorised access, modification or disclosure.
We hold personal information securely, on password-protected computer software, the access to which is restricted to our authorised personnel who are directly involved in the delivery of our Services to our clients.
We do not use “cloud” servers, or other internet-based storage platforms.
We transmit, by email, reports to our clients. We also facilitate clients’ access to their debtors via a secure client log-in on our website.
If we hold personal information about an individual which we no longer need for the purpose for which it was collected, we will take such steps as are reasonable in the circumstances to destroy or de-identify the information.
Australian Privacy Principle 12 - access to personal information
An individual may request access to their personal information by writing to us at PO Box 186 Gosford NSW 2250.
We will not provide access to personal information where the request is made on a person’s behalf, unless the debtor provides us with written evidence of their nomination of a representative, such nomination having effect until revoked or substituted. That written evidence should be posted to us at PO Box 186 Gosford NSW 2250.
The Act specifies certain exceptions to the requirement for us to provide an individual with access to their personal information, which we will consider in the context of each request. The Act entitles us to charge a reasonable amount for the giving of access to personal information.
If we lawfully refuse a request to give access to personal information, we will advise our reasons for refusal, in writing, unless in the circumstances it is unreasonable for us to do so.
A complaint (about a refusal of access to personal information or about any other matter) can be made by writing to us at PO Box 186 Gosford NSW 2250.
We will respond to a complaint, in writing, within a reasonable period after the request is made.
Australian Privacy Principle 13 - correction of personal information
A debtor may request correction of their personal information by writing to us at PO Box 186 Gosford NSW 2250. We will not charge the debtor for correcting their personal information.
We will provide those updated details to our client.