We are dedicated to providing you with the highest levels of customer service, which includes protecting your privacy.
Keeping client information secure is a top priority for DRA. This page is designed to help you understand how we handle the personal information about you that we collect and how you can control our disclosure of personal information about you.
DRA is also subject to the Privacy Act 1988. The Privacy Act contains a set of standards for the handling of your personal information known as the National Privacy Principles (NPPs). These principles set out standards for the handling of your personal information that DRA must meet.
They require DRA to:
- Only collect personal information about you that is necessary for the recovery of debt; accounts receivable; financial and credit management services; provision of credit and business information and credit risk assessment; or to meet any legal obligations imposed on DRA.
- Use only fair (accepted industry standards) and lawful ways to collect personal information.
- Collect personal information directly from a client, subject or debtor if it is reasonable and practicable to do so.
- Take reasonable steps to ensure the client, subject or debtor is aware of any information DRA collects even if DRA has collected it from someone else (a third party).
- Obtain consent to collect sensitive information about you unless specified exemptions apply.
- Permit only authorised personnel, who are trained in the proper handling of client information, to have access to that information. Personnel who violate our Privacy Promise will be subject to our disciplinary procedures.
- Not reveal customer information to any external organisation unless we have previously informed the customer in disclosures or agreements (such as this document), or have been authorised by the customer, or are required by law or our regulators. We will always maintain control over the confidentiality of our client information.
- Whenever we hire other organisations to provide support services, we will require them to conform to our privacy standards and to allow us to audit them for compliance.
- Attempt to keep customer files complete, up-to- date, and accurate. We will tell our customers how and where to conveniently access their information (except when we are prohibited by law) and how to notify us about errors which we will promptly correct.
- Take reasonable steps to destroy or permanently de-identify personal information if DRA no longer needs it for any purpose for which we may use or disclose the information.
- Provide advice in a short document that sets out clearly expressed policies on the way DRA manages personal information and make it available to anyone who asks for it.
If any individual asks, DRA will take reasonable steps to let the individual know, generally, what sort of personal information we hold, what purposes we hold it for and how we collect, use and disclose that information.
If an individual asks us, we must give access to the personal information DRA holds about that individual unless particular circumstances apply that permit us to limit the extent to which we give access – these include emergency situations, specified business imperatives and law enforcement or other public interests.
If it is lawful and practicable to do so, DRA will give individuals the option of interacting anonymously with us.
How We Collect Personal Information
DRA collect personal information in a number of ways, including:
- Directly from you, when you provide information by phone, in person or in documents;
- From third parties such as the other Group Organisations, credit reporting agencies or your representatives;
- From publicly available sources of information;
- From our own records of how you use our services;
- When legally required to do so;
Categories Of Personal Information We Collect And Hold
The nature of the personal information we collect, and where it comes from, will vary according to the specific product or service, and may include:
- Information we collect from you during enquiries or on forms, such as name, address and telephone number, email address and other relevant details;
- Information about your financial transactions with us, affiliates, third parties (such as account balances), payment history, and account activity;
- Information we receive from credit bureau reports;
Purposes of Collecting Your Information
We will only collect personal information necessary for the product/service
These purposes may include:
- Processing a product/service request and providing what you require;
- Administering and managing those services, including charging, billing and collecting debts. Processing receipts and payments, and servicing customer’s accounts;
- Evaluating and monitoring credit worthiness;
- Informing you of ways the services provided to you could be improved;
- Responding to customer inquiries about products, services or accounts;
- Understanding customer’s needs and offering products and services to meet those needs;
- Maintaining our relationships with clients;
- Conducting market or customer satisfaction research;
- Researching and developing our services;
- Assessing, processing and investigating insurance risks or claims;
- Prevention and investigation of crime or fraud to protect your interests and our interests;
- Meeting legal and regulatory requirements.
Complaints and Disputes
If you have reason to believe that any DRA employee has breached the Privacy Policies outlined in this document, we urge you to raise this with our Privacy Officer.
We will investigate all complaints and respond to you within 14 days. If we find a complaint justified, we will promptly resolve it. If necessary, we will change policies and procedures to maintain our high standards of performance, service and customer care.
You are entitled under the Privacy Act to access the information an organisation holds about you, subject to some exceptions allowed by law. We want to make this as simple as possible for you. You can make the request in a letter, fax or email. (Please do not include account numbers or other sensitive data in email or fax, since they may not be secure.)
We will need to validate the identity of anyone making an access request, to ensure that we do not provide your information to anyone who does not have the right to that information.
Where a client establishes that the personal information we hold on them is not accurate, complete or up-to-date we will correct our records as necessary.
We may charge you an administration fee for providing access in accordance with your request. Your request will receive a response within 30 days.
Access to information about you is your right under the Privacy Act.
Help Us to Ensure We Hold Accurate Information
DRA take all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. However, the accuracy of that information depends largely on the information you provide. That is why we recommend that you let us know if there are any errors in your personal information and keep us up to date with changes to personal information such as your name or address.
DRA Privacy Officer
GPO BOX 2378
Melbourne VIC 3001
PH: 1300 799 511