Version: 9 November 2018
CANSTAR Pty Limited AR 443019 recognises the importance of protecting your privacy and abides by the Australian Privacy Principles contained in the (amended) Privacy Act 1988.
When we refer to our ‘website’, we are referring to the CANSTAR website on any device, social media sites, CANSTAR’s AdviserInfo service, CANSTAR View, CANSTAR’s Investor Hub service, emails we send, CANSTAR apps, and any new technology we implement on any of these platforms.
What information do we collect?
Because we strive to provide our website users with personalised services showing the information most relevant to them, from time to time we request and store some private information about you. We will only use that information in accordance with this policy.
We collect and hold information about you when you access and use our services through our website. The types of information we keep on record will depend on the type of product or service requested by you.
We may keep a record of the following types of information about you:
- Personal information that you give us when you use the website, such as your name, email address, address, and postcode;
- If you provide them to us, the name of your product provider, credit provider or product details for specific products that you hold;
The Facebook profile information identified in the ‘Log in’ form, if you choose to log in or sign up to our website using Facebook;
- Pages of the website that you have visited;Your IP address for your interaction with various parts of our website. Your IP address is the identifier for your computer when you are using the internet;
- Other information voluntarily provided by you;
- Any other information we need to enable us to deliver services to you;
- Personal information that you give us when you visit the Canstar office, such as photographs we take of you with your permission, and physical or digital signatures.
We do not seek to collect sensitive information (for example health information or information about your racial or ethnic origin or any criminal record), unless it is necessary for our business purposes. If we do have to collect sensitive information, we will do so in accordance with the Australian Privacy Principles.
During our dealings with you, we may gather information about you relating to all products and services that we or our business partners provide to you. This information is used to help us decide how we can improve our service delivery to you, or to provide you with information that we think may be of interest to you.
Your web browser may automatically accept cookies and local storage on your computer.
Canstar also works with selected third parties in providing you services that we think may be of interest to you. Canstar may attach a cookie to your browser during your visit to our websites. These cookies may be used to provide relevant advertising to you by us or third parties, or to determine what marketing or advertising is delivered to you on our website and on other sites.
You can usually modify your settings to decline cookies and/or local storage if you wish. Note that if you do that, this might stop you from being able to use all the services on our website. It is usually possible to stop your browser accepting cookies, disable local storage or to stop it accepting cookies from a particular website. Each browser is different, so check the ‘Help’ menu of your browser to learn how to change your preferences. You need not give us any of the personal information that we may request. However, without that information, we may not be able to fulfil your request or provide you with the services you want.
Information collected for particular services
By using the Credit Score service, you confirm to Canstar that:
- you are authorised to provide the requested personal details to Canstar
- you are aware of and consent to
- the purpose for which your personal information is sought as disclosed by Canstar in the Credit Score service website pages
- that personal information provided by you in relation to the Credit Score services will be used by Canstar and its third-party service provider for the verification of your identity. This is done by use of an Information Match Request made to an Official Record Holder, and (if verified) the provision of a credit score
- that any Information Match Result provided in response to the Information Match Request will be provided via the use of third party systems, and
- Canstar retaining a record of access to the Credit Score service being initiated by you, and all consents you give to
the collection, use and storage of your personal information in relation to the Credit Score service.
Home Loan Rate Checker
In order to provide the service, we need to collect data about your current home loan including State, Loan Amount, Loan Term, Lender, Loan Type, Repayment type and Repayment frequency. This information is used in an automated tool that enables our database to show you comparable loan products and interest rates. We do not store this data. For compliance purposes we retain a log file of the time of the session and results displayed.
As part of this service we collect and store separately from the log file your name and email address for the purpose of sending you email updates about home loan products and related services.
Credit Card safety
We have put in place a credit card payment facility for some of our services. This is provided by ‘SecurePay’, a third party payment gateway supplied by Australia Post. We do not store your credit card details, or have access to them.
When you input your credit card details, SecurePay retains the information and issues Canstar with a unique token identifier. This token then allows Canstar to process your payment against your credit card. If applicable, it also allows us to update the date your subscription is paid to.
How do we use your personal information?
We use your personal information to:
- respond to your requests and directions;
- provide products and services to you and, where possible, to provide information customised for you;
- improve our website, products and services;
- contact you from time to time by telephone or email about new products, services or offers;
- update you about what we’re doing that you may find of interest;
- deal with complaints or issues you may have in relation to our services;
- review your dealings with us, including the products and services you use, your potential needs, and new products that might be of interest to you or other customers;
- maintain our internal records, such as billing;
- ensure our internal business operations are running smoothly which may include fulfilling legal requirements and conducting confidential systems maintenance and testing;
- help preserve the personal safety and security of our customers, website users, staff and the public;
- provide you with relevant and timely advertising
Information collected by cookies or tracking tags on our website may be disclosed in a non- identified or aggregated format to third parties including website analytics services (e.g. Google Analytics), data management platform operators, advertisers, referral partners and media agencies. We do not share your personal information with our partners unless it is required for the provision of a particular website service, and we have disclosed this to you and you have consented.
Where we share your personal information
We must get your consent before we disclose your personal information. You can give us your consent expressly or it may be implied by your conduct.
By using our services you are deemed to have consented to our use, disclosure and other matters in relation to your personal information, as set out in this policy.
We may share your personal information:
- to any organisation which you request us to, including a financial institution, financial adviser, service provider, product specialist, broker, solicitor, or accountant;
- to the cloud, as part of our normal business operations (e.g. backing up our systems, operating a third party app on our website);
- to our external service providers such as IT service providers (e.g. a provider of web hosting services). Some of these may be located overseas. Canstar may store your personal information on servers in overseas web hosting facilities;
- to our related companies and other organisations where reasonable to do so in relation to the operation of our business;
- to protect and defend our rights or property;
- if we consider it necessary to do so in order to enforce or apply the terms of any of our agreements with you;
- to contractors providing licensed collections services, credit card payment processing and CRM services, who comply with our privacy and security policies;
- if we sell our business or part of it;
- in extreme circumstances, to protect the personal safety of our customers, website users, staff or the public;
- to law enforcement, regulatory and government bodies, government agencies and courts, if we are required by law to do so.
We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification or disclosure.
How do we store personal information?
We provide a robust level of security when you use our website or when you sign in as a visitor to our office. We have physical, electronic and procedural safeguards to protect your information which is held by us.
Access to information stored electronically is restricted to staff and contractors whose job purpose requires access. We use secure methods to destroy or de-identify any personal information as soon as the law permits, provided the information is no longer needed by us for any purpose. Data is retained for up to 7 years as required by law. We continuously monitor and update our website security to minimise the risk of hacking.
Data used and stored by Canstar is mostly hosted in Australia. From time to time Canstar may store (disclose) your personal information on servers in overseas web hosting facilities.
The Australian Privacy Principles require that we take reasonable steps, dependent on the circumstances of that personal information, to ensure that the overseas service provider to whom personal information is disclosed does not breach Australian privacy laws (the “Requirement”).
When you provide us with your personal information you consent to the disclosure of your information to an overseas provider. Your consent to this disclosure means that the Requirement does not apply and Canstar will not be held accountable under the Privacy Act for any breaches of the Privacy Act by the overseas provider.
Where commercially feasible, Canstar will contract with hosting providers using services in Australia, or who agree to comply with the Australian Privacy Principles.
Amendment of this policy
If you do not wish to receive information about our products and services then please tell us. You can do this at any time by writing to us or telephoning us at the contact details listed below.
Access to your information
You can request access at any time to personal information we hold about you by using the contact details below. We will process your request within a reasonable time, usually 14 days for a straightforward request. More time may be needed, depending on the nature of the request. There is no fee for requesting access to your information; however we may charge you the reasonable cost of processing your request. Sometimes we are not required to provide you with access – for example, if the law says we can deny access. If we refuse you access to your personal information, we will tell you the reason why.
Correction of information
We try to ensure that all information we hold about you which we collect, use or disclose is accurate, complete and up to date. You must promptly notify us if there are any changes to your personal information. You may ask us at any time to correct personal information held by us about you, which you believe is incorrect or out of date. We will deal with your request within a reasonable time
In this policy, reference to “we/us” means CANSTAR Pty Limited A.C.N. 053 646 165, AR 443019.
Contact Details and Complaints
By telephone: (07) 3837 4100 9am – 5pm on business days in Brisbane, Qld.
By email: email@example.com
We will try to answer any questions you may have, correct any error on our part or resolve any complaint that you may have about our information handling practices. If we do not resolve a complaint to your satisfaction, you also have the right to complain to the Office of the Australian Privacy Commissioner, Tel: 1300 363 992 or email:firstname.lastname@example.org