8 September 2020
This document provides information about how your information will be treated, including when you interact with our website.
This document is prepared by:
- Shroogle Pty Ltd (ABN 71 629 833 432) (Shroogle); and
- SCS Credit Services Pty Ltd (ABN 12 638 160 782 (SCS) Australian Credit Licence Number (ACL) 520938, our licensee
In this document, ‘Shroogle’, ‘we’, ‘us’ and ‘our’ are references to Shroogle, our licensee and our associated entities, employees and credit representatives.
Shroogle provides Australian customers with credit assistance in relation to home loans. The process typically requires collection of personal and financial information. This is simply to facilitate a credit assessment when you seek to access a credit product available under our licence.
|Company name||Shroogle Pty Ltd|
|Australian Company Number||629 833 432|
|Australian Business Number||71 629 833 432|
|Address & Postal Address||Level 1, 56 Pitt Street Sydney NSW 2000|
|Phone||1300 840 977|
Our commitment to you
We understand the importance of protecting your personal information.
This policy explains how your personal information will be treated, including when you access and interact with our website. A reference to ‘this website’ or ‘our website’ includes any websites operated by or on behalf of Shroogle, including any microsites and mobile websites.
This policy also includes our credit reporting policy, it covers additional information on how we manage your personal information collected in connection with a credit application or a credit facility. We refer to this credit-related information below as credit information.
We are committed to protecting your privacy in accordance with:
- the Australian Privacy Principles, as set out in the Privacy Act 1988 (Cth);
- the Notifiable Data Breach scheme established under the Act; and
- any other relevant law.
We review this policy periodically and make amendments to reflect emerging legislative and technological developments, industry practice and market expectations. We will let you know of any changes to this policy by informing you via our website.
Your personal information
When we refer to personal information, we mean information or an opinion from which your identity is apparent or can reasonably be ascertained. Protection of this information is of the upmost importance.
Personal information held by us may include your name, date of birth, current and previous addresses, telephone or mobile phone number, email address, bank details, occupation, driver licence number, financial details and other information that is relevant or necessary. We may also hold details of products and services you have (including their status) such as your home loan, car finance or superannuation provider. We may hold information from CRBs, such as default information, personal insolvency information and repayment history information.
If you choose not to provide certain personal information (e.g. your date of birth), we may not be able to provide the products and services you seek, or the level of service we aim to offer.
You may need to provide personal information about other individuals to us (e.g. about your authorised representatives or joint applicants). If so, we rely on you to inform those individuals that you are providing their personal information and to let them know that they can contact us about that.
Personal information may also include credit information.
Credit information is a sub-set of personal information that is used to assess your eligibility to be provided with loan(s). It may include any finance that you have outstanding, your repayment history in respect of those loans, and any defaults.
Usually, credit information is exchanged between credit / finance providers and credit reporting bodies(CRBs). Credit / finance providers (including banks, building societies, utility companies and telecommunications carriers) provide information about individuals’ activities in relation to consumer credit to central databases managed by CRBs. CRBs are then able to include that information on the individual’s credit report. Credit / finance providers typically obtain a copy of an individual’s credit report from a CRB to assist in deciding whether to provide that individual with consumer credit, or to manage credit already provided.
In accordance with the rules set out in the Privacy Act 1988 (Cth), when you authorize us to proceed with providing credit assistance, you authorize us to obtain a copy of your credit report from a CRB. You also consent to us providing information contained in that report (which may include any credit related information, credit worthiness information, arrears information and personal information) to any credit provider who may be able to assist by providing credit to you.
About credit information and ‘notifiable matters’
We are required by law to advise you of ‘notifiable matters’ in relation to how we may use your credit information.
We exchange your credit information with CRBs to:
- assess your application for finance;
- assess your creditworthiness; and
- manage your finance.
In addition, if you fail to meet your payment obligations in relation to any finance that we have provided or arranged, or you have committed a serious credit infringement, we may disclose this information to a CRB.
Your credit information may be used by CRBs for ‘pre-screening’ credit offers on the request of other credit providers. You can contact the CRB at any time to request that your credit information is not used in this way. You have the right to request access to the credit information that we hold about you and make a request for us to correct that credit information if needed.
If you believe that you have been a victim of fraud, you may contact the CRB to advise them. 21 days after the CRB receives your notification, the CRB must not use or disclose that credit information. You can contact any of the following CRBs for more information: Experian (www.experian.com.au); Equifax (www.equifax.com.au); and Dun & Bradstreet (Australia) Pty Ltd (www.dnb.com.au).
You may request to have these notifiable matters (and this policy) provided to you in an alternative form, such as a hard copy.
How we collect personal information
There are a number of ways we may use to collect personal information, including:
- directly from you, e.g. in application forms, by phone or other agreements, or when you submit your personal details online;
- from joint applicants to your home loan, e.g. where one applicant has provided information on behalf of another applicant/s and it is therefore unreasonable or impractical for us to also collect that information directly from you. Co-applicants and guarantors may also be used.
- from third parties such as providers of survey, competition or marketing related services, related companies, CRBs or your representatives. If we obtained your information through any of these methods and you would like a list of these entities or websites, or if you feel you have not given us consent to use your details, please contact us below;
- from publicly available sources of information;
- from the organisations and entities identified under ‘When we disclose your personal information’;
- from our own records;
- when you visit any of our online platforms;
- when legally required to do so – for example, in the provision of specific credit services; and
- from any institutions or organisations duly authorised by you.
How we use your personal information
Your personal information may be used in:
- identity verification;
- assisting you in gaining approval or provisioning of a product or service;
- conducting appropriate checks for credit-worthiness and fraud;
- providing the products and services you require;
- administering and managing those products and services;
- helping us manage our relationship with you, including, dealing with any feedback, disputes or enquiries;
- researching and developing our products or services provided, either directly or referred;
- helping us complete internal reports and manage compliance related matters; and
- informing you of ways products and services could be improved or additional products or services that you may benefit from
We base some things on the information we get from CRBs, such as:
- credit scores, which is a calculation that lets us know how likely a credit applicant will be able to repay borrowings we may make available to them; and
- our summaries of what the CRBs tell us.
Information that we get or derive from a credit reporting body is known as credit eligibility information.
Your personal information is also collected for the purpose of marketing and promotional activities. This allows us to promote and market products and services to you (including by way of direct mail, telemarketing, email, SMS and MMS messages). This assists to keep you informed of products, services and special offers and may continue after you cease holding an active product or service through us.
You may request further information about the way we manage your personal information at any time.
When we disclose your personal information
In order to deliver the products or services you require, we may disclose your personal information to organisations outside of Shroogle and any related entities.
We may use external organisations to carry out or handle our:
- customer enquiries and relationship management;
- mailing operations;
- billing and debt-recovery functions;
- information technology services;
- marketing and telemarketing
- market research;
- website usage analysis; and
- other business needs from time to time.
We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information. In addition, we may disclose your personal information to:
- credit providers (for credit related purposes such as credit-worthiness, credit rating, credit provision and financing);
- any organisation providing online verification of your identity;
- your employer or referees to verify information you have provided;
- credit reporting bodies (CRBs) and fraud-checking agencies;
- anybody who represents you, such as your lawyer, accountant, finance brokers or real estate agents involved in the sale or purchase of your property;
- any person who proposes to guarantee or has guaranteed repayment of any credit provided by you or any joint borrowers;
- Australian Banks, non-bank lenders and providers of credit, financial or insurance services;
- our professional advisers, including our accountants, auditors, insurers and lawyers;
- any associates, related entities, contractors and our mortgage aggregator Vow Financial Pty Ltd.
- cloud based online document storage organisations and client relationship management systems;
- investors, agents or advisers, or any entity that has an interest in our business;
- government and regulatory authorities and other organisations under which we are governed (such as ASIC and AUSTRAC) and other bodies as required or authorised by law (such as the ATO and in accordance with the Anti-Money or Laundering and Courter Terrorism Financing Act 2006 (Cth));
- organisations who manage our business, marketing and corporate strategies;
- any industry body, tribunal, court or otherwise in connection with any complaint, dispute or litigation regarding your loan;
- anyone, if in the public’s interest (such as if a crime is committed and disclosure to a law enforcement body may be justified); and
- anyone, where you have provided us consent.
We may verify your identity using information held by a CRB. To do this we may disclose personal information such as your name, date of birth and address to the CRB to obtain an assessment of whether that personal information matches information held by the CRB. The CRB may give us a report on that assessment and to do so may use personal information about you and other individuals in their files.
Alternative means of verifying your identity are available on request. If we are unable to verify your identity using information held by a CRB, we will provide you with a notice to this effect and give you the opportunity to contact the CRB to update your information held by them.
We will not sell your information to any party outside of Shroogle or any related entities.
Sensitive information is any information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.
We may seek, collect, use or disclose sensitive information about you but only if that sensitive information relates directly to our ability to arrange or provide credit to you or manage the credit provided to you (including, for example, assessing hardship applications and collecting overdue payments).
At times information is shared with us that we have not sought out (including sensitive information). It could be through using our website or, for example, requesting us to assess or assist in a hardship application.
If unsolicited personal information is received by us (including sensitive information) about you, a determination will be made by us as to whether we would have been permitted to collect that information. If yes, then we will handle this information in the same way we do with other information that we seek from you. If no, and the information is not contained in a Commonwealth record, if it is lawful and reasonable to do so, then we will destroy or de-identify it as soon as practicable.
Sometimes we may need to store this information for future use, such as to help resolve disputes between us or assess future applications by you. Furthermore, it is often not possible for us to neatly unbundle this information then destroy or de-identify only certain sections or parts of it.
We do have many security safeguards in place to protect the information from misuse, interference, unauthorised access, loss, modification or disclosure.
Sharing with Credit Reporting Bodies
When we provide your information to a CRB, it may be included in reports that the CRB provides other organisations (such as other lenders) to help them assess your credit worthiness. We may disclose information about you to a CRB when you apply for credit, have obtained credit from us, or if you guarantee or are considering guaranteeing the obligations of another person to us.
If you fail to make payments or if you commit a serious credit infringement (like obtaining credit by fraud), it may reflect adversely on your credit worthiness and may affect your ability to get credit from other lenders.
We may use or disclose your personal information to let you know about products and services from us and our agents, business partners and affiliates that might better serve your financial, lifestyle and other needs, or competitions or promotions and other opportunities that you may be interested in. This includes what some may refer to as ‘cross-selling’, meaning we may suggest a related or complimentary product or service to you.
We may conduct these marketing activities via telephone, SMS, email, chat, IM, mail, or any other electronic means. Third party channels may also be used to market our products and services to you (such as social networking sites). You can opt out from receiving marketing offers, should you wish.
We may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us to not do this at any time.
Third party marketing service providers may combine the personal information we disclose to them with information they already hold about you, in order to provide you with more relevant advertising about our or their products and services.
Unless you have consented to the use or disclosure, we will not use or disclose sensitive information about you for direct marketing purposes. We inform prospective customers about how we obtained their information and provide easy to follow opt-outs.
IP address, cookies and web beacons
Your internet protocol address (or ‘IP address’) is a numerical identifier for your device when you interact with the internet.
When you visit our website or related landing pages to read, browse, submit or download information, our system will record/log information such as your IP address, date and time of your visit to our site, the pages viewed and any information downloaded.
A ‘cookie’ is a small text file placed on your device by a webpage server that may later be retrieved by webpage servers. There are different types of cookies for different purposes. For example:
- session cookies, which used to facilitate completing online forms. These are generally active for only a single web session; and
- persistent cookies, which are stored on your device to help websites remember your information and settings when you visit them again. This means they remain active beyond a single web session.
We may also use cookie information to display targeted advertisements or content on our network and on this website or third-party networks and websites (Third Party Websites) such as Google, Facebook, LinkedIn, Twitter, Instagram.
A web beacon is invisible to the user. It is placed on a website, typically as a transparent graphic image. Simple actions of the user can be recorded by the use of a web beacon (such as opening the page that contains the beacon) through a tracking pixel.
Web beacons and cookies may also be used for purposes such as site usage analytics, advertising auditing and reporting, as well as content and ‘personalised advertising / marketing’.
Any data collected from web beacon (and cookies) may be shared with third parties to provide you with relevant advertising when browsing Third Party Websites.
Information from third parties
Our website may contain links to Third Party Websites (e.g. third-party providers of goods and services).
As part of an arrangement with third parties, if you accessed Third Party Websites through our website and if those third parties collect information about you, we may also collect or have access to that information.
Information you have provided about yourself may be shared between us and the third party where you access a Third-Party Website from our website (cookie and web beacon information, information about your preferences or other).
Advertising and tracking
Third Party Websites may be used to advertise.
When you access our website after viewing one of our advertisements on a Third-Party Website, the advertising company may collect information on how you utilise our website (e.g. which pages you view) and whether you commenced or completed an online application.
We retain the information contained in a completed online application and then use that information to provide any products and services that you require.
In order to allow you to complete and send the applications at a later time, you may also be able to suspend and save online applications. The information that you have entered in a suspended or saved application will be retained in our systems so that you may recover the information when you resume your application. We may view any online applications that have been suspended or saved, in particular, if you start but do not submit an online application, we can contact you using any of the contact details you have supplied to offer help completing it.
All reasonable precautions are taken by us to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. This includes:
- asking you to provide us with specific information;
- informing you of the importance of ensuring that information is complete and accurate; and
- providing you with a summary of your information so you can review it before authorizing us to proceed with lodging an application for credit in your behalf.
In any case, the accuracy of that information depends on what you or others have provided. So please be doubly sure that the information contain in your Information summary is complete and accurate. If the information we hold about you is incomplete or inaccurate, we will generally rely on you to assist with rectifying it.
Update and request of personal information
You may request access to the personal information we hold about you by contacting us. We will respond to your request within a reasonable period. If it is reasonable to do so, we will give access in the manner you have requested and we may charge you a fee to access the information. A fee will not apply to the making of the request.
In certain circumstances we may deny access to your personal information. This can happen in situations such as where we are required or authorised by or under an Australian law or a court/tribunal order, or it would be likely to prejudice enforcement related activities by an enforcement body. The exceptions may differ in relation to credit eligibility information.
If access is not given to you, we will provide reasons for the refusal and information on how you can complain about the refusal.
Additional things we have to do to correct your credit information
If you ask us to correct credit information, we will help you with this in the following way:
Helping you manage corrections
Whether we made the mistake or someone else did, we are required to help you in asking for the information to be corrected. In order to do this, we might need to talk to others, however, the most efficient way for you to make a correction request is to send it to the organisation that made the mistake.
Where we correct information
If we are able to correct the information, we will let you know within five business days of deciding to do this. We will also let the relevant third parties know as well as any others you tell us about. If there are any instances where we cannot do this, then we’ll let you know in writing.
Where we cannot correct information
If we are unable to correct your information, we will explain the reason/s why in writing within five business days of making this decision. If you have any concerns, you can access our external dispute resolution scheme or make a complaint to the Office of the Australian Information Commissioner (OAIC).
Time frame for correcting information
If we agree to correct your information, we will do so within 30 days from when you asked us, or a longer period that’s been agreed by you.
If we cannot make corrections within a 30-day time frame or the agreed time frame, we must:
- let you know about the delay, the reasons for it and when we expect to resolve the matter;
- ask you to agree in writing to give us more time; and
- let you know you can complain to our external dispute resolution scheme or the OAIC.
Storage and security of personal information
We store information in various ways, including in paper and electronic form.
The security of your personal information is vital to us and we take reasonable steps to protect it from loss, misuse, interference, and from unauthorised access, modification or disclosure. This includes:
- document storage security policies;
- only giving access to personal information to a person who is verified as being able to receive that information;
- confidentiality requirements of our employees;
- security measures for access to our systems;
- control of access to our buildings; and
- electronic security systems, such as firewalls and data encryption on our website.
We take the matter of protecting your personal information seriously. A response plan is in place that is designated to enable us to contain, assess and respond to suspected data breaches in a timely fashion, helping mitigate potential harm to affected individuals.
Cloud or other types of networked or electronic storage may be used to store your information. Access to electronic or networked storage can be from anywhere via an internet connection and it is not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed here or those we referred to from time.
You should note that while they will often be subject to confidentiality or privacy obligations, they may not be entirely consistent with Australian privacy laws. Overseas organisations may be required to disclose information we share with them under their own foreign laws. In those instances, we will not be responsible for that disclosure.
We also regularly review developments in security and encryption technologies. However, even with safeguards in place, it is important to remember that the use of email and the internet may not always be secure.
We take reasonable steps to destroy or de-identify the information when we no longer require your information, and we are legally permitted to do so. However, sometimes it is impossible or impractical to completely isolate and remove all traces of the information. We may also store the information for future use, such as to help resolve disputes between us or assess future applications by you.
Doing business without identifying you
In order to successfully do business with you, in most circumstances, it will be necessary for us to verify your identity.
However, where it is lawful and practicable to do so, we will provide you with the option to remain anonymous or to use a pseudonym, e.g. when you make general inquiries about current promotional offers or our business.
We do not use Government related identifiers as a means of identifying you (such as your tax file or driver licence number).
How to contact us
You may contact us via the following methods during business hours (between 9am and 5pm AEST):
|Phone||1300 840 977|
|Level 1, 56 Pitt Street Sydney NSW 2000|
Complaints and further information
If you have a complaint about how we handle your personal information, we want to hear from you. You can let us know about your complaint or feedback by contacting the Complaints Manager at:
|Contact details||The Complaints Manager|
SCS Credit Services Pty Ltd
Level 1, 56 Pitt Street Sydney NSW 2000
|Phone||02 9235 0028|
We will be best placed to resolve things if you explain your concerns clearly including any relevant supporting documentation. We will acknowledge your complaint within 7 days and provide a decision within 30 days.
If you are dissatisfied with our response, you may make a complaint to the OAIC which can be contacted on either www.oaic.gov.au or 1300 363 992.
Should you wish find out more about the privacy legislation or the Australian Privacy Principles, simply visit the Federal Privacy Commissioner’s website at www.privacy.gov.au.