Respecting our clients' privacy and the law
The privacy of our customers’ personal information has always been important to us. We are committed to respecting our customers’ right to privacy and protecting their personal information. We are bound by the National Privacy Principles in the Privacy Act 1988 (Commonwealth) as well as other applicable laws and codes affecting personal information. Our staff are expected to respect our clients’ privacy in accordance with our standards, policies and procedures.
The Company is Essential Communities Pty Ltd trading as MyClubShop.
Collecting personal information
If the client is acquiring or has acquired a product or service from the Company, we will collect and hold personal information for the purposes of:
- providing the client with the relevant product or service (including assessing their application and identifying the client)
- managing and administering the product or service
- protecting against fraud.
The Company may also collect personal information for the purpose of letting clients know about products or services that might better serve our clients relevant needs or promotions or other opportunities in which they may be interested.
The information collected may include the clients name, postal or email address, date of birth, financial details or other information the Company considers necessary.
We will, if it is reasonable or practicable to do so, collect personal information from the client. This may happen when they fill out a product or service application or an administrative form (e.g. a change of address form) or when they give us personal information over the telephone or counter, or through the Company's website.
In certain cases we collect personal information from third parties. For example, we may need to collect personal information from a credit reporting agency, clients representative (such as a legal adviser), financial adviser, employer or publicly available sources of information or any of the other organisations identified below under "Using and Disclosing Personal Information".
Using and disclosing your personal information
In line with common business practices to meet our clients’ specific needs, we may disclose personal information to the organisations or people described below. Where personal information is disclosed we will seek to ensure that the information is held, used or disclosed consistently with the National Privacy Principles and other applicable privacy laws and codes.
When discussing your personal information with other, we will require appropriate authorisation to disclose any personal information. We prefer written authorisation but will accept a verbal authorisation on your part, after authenticating your identity, if you are with the 3rd party at the time or prior to being approached by the 3rd party. If the 3rd party is approaching us without you having giving satisfactory advance notification and authorisation then they will need to provide us with a statement of authority signed by you.
The relevant organisations are those
- involved in providing, managing or administering your product or service such as third-party suppliers, other Group organisations, loyalty and affinity program partners, printers, posting services, call centres, lenders mortgage insurers and our advisers
- which are Group organisations who wish to tell our clients about their products or services that might better serve their financial, e-commerce and lifestyle needs or promotions or other opportunities, and their related service providers, except where our client tells us not to
- who are our clients financial advisers and their service providers
- involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including testing or upgrading our computer systems
- involved in a corporate re-organisation
- involved in a transfer of all or part of the assets or business of the Company
- involved in the payments system including financial institutions, merchants and payment organisations
- involved in product planning and development
- which are our clients’ representatives including their legal advisers
- as required or authorised by law, for example, to government or regulatory bodies for purposes related to public health or safety, the prevention or detection of unlawful activities or to protect public revenue
- where our client has given their consent.
Marketing our products and services
We may use or disclose personal information to let our clients know about, and develop, products and services from the Company that might better serve our clients relevant needs or promotions or other opportunities in which our client may be interested. For example, we may do this after an initial marketing contact.
Keeping personal information accurate and up-to-date
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. We will take reasonable steps to make sure this is the case. This way we can provide a better service to our clients.
Protecting personal information
We store information in different ways, including in paper and electronic form. The security of personal information is important to us and we take reasonable steps to protect it from misuse and loss and unauthorised access, modification or disclosure. Some of the ways we do this are:
- confidentiality requirements for our employees
- secure document storage
- security measures for systems access
- providing a discreet environment for confidential discussions
- only allowing access to personal information where the individual seeking access has satisfied our identification requirements
- access control for our buildings
Gaining access to personal information
Our clients can gain access to their personal information. This is subject to some exceptions allowed by law. Factors affecting a right to access include:
- access would pose a serious threat to the life or health of any individual
- access would have an unreasonable impact on the privacy of others
- a frivolous or vexatious request
- the information relates to a commercially sensitive decision-making process
- access would be unlawful
- access would prejudice enforcement activities relating to criminal activities and other
- breaches of law, public revenue, a security function or negotiations with you
- legal dispute resolution proceedings
- where a third party has given us information about our client in confidence
- denying access is required or authorised by or under law
We will give reasons if we deny access.
Using Government Identifiers
Although in certain circumstances we may be required to collect government identifiers such as your tax file number, Medicare number or pension card number, we do not use or disclose this information other than when required or authorised by law or unless our client has voluntarily consented to disclose this information to any third party.