We take your privacy very seriously. Each Rabobank Australia Group (RAG) entity collects and uses the information it holds about you in accordance with its legal obligations. These obligations include those under the Privacy Act 1988.
RAG entity, we, us means each member of the Rabobank Group based in Australia, being:
- Coöperatieve Centrale Raiffeisen-Boerenleenbank B.A. (Rabobank) Australia Branch (ABN 70 003 917 655)
- Rabo Australia Limited (ABN 39 060 452 217)
- Rabobank Australia Limited (ABN 50 001 621 129)
- Rabo Equipment Finance Limited (ABN 37 072 771 147)
- Soft Commodity Trading Pty Limited (ABN 45 085 595 562)
- GrainCorp Pools Pty Limited (ABN 45 095 759 890)
What personal information do we collect?
‘Personal information’ means information or an opinion about an identifiable individual or an individual that is reasonably identifiable, whether the information is true or not; whether the information is recorded in a material form or not.
We collect personal information such as name, address, date of birth, gender, occupation, account details, contact details (including telephone and email addresses) and financial information. Sometimes we collect a few personal details unlikely to be known to other people to help us identify you over the telephone. If you are applying for credit we may also ask for the number and ages of your dependents, the length of time at your current address, details about your prior and current employment and business activities and proof of income. We use this information to assist us in making responsible credit decisions.
We may also collect information about individuals and the capacity in which they act, for example, trustees, guarantors, directors, shareholders and beneficiaries.
We may take steps to verify the information we collect, such as an employer in respect of your employment details. We may monitor and record telephone calls for training and security purposes.
We also need to collect information necessary to comply with Australian and international legal or regulatory requirements that have application to us and other members of the Rabobank Group. For example, the Anti-Money Laundering and Counter Terrorism Financing Act 2006 requires us to sight and record details of certain documents (i.e. photographic and non photographic documents) for customer identification and verification of identity.
For statistical purposes we collect information on website activity (such as the number of users who visit our website, the date and time of visits, the number of pages viewed and navigation patterns). This information does not identify an individual but it does provide us with statistics that we can use to analyse and improve our website.
The internet banking and other sections of our website (rabobank.com.au) use “per session” cookies which time the period you are logged in. The cookies do not collect any personal information and are removed once you exit that section of our website.
If you do not provide us with all the personal information we request, we may not be able to provide you with the products or services you seek from us.
How do we collect and hold personal information?
Personal information is generally collected directly from the person concerned, usually at the time of contact or taking out a new product from us. The collection of most personal information will be made with your consent which will usually be obtained at or around the time you take out a product from us. Sometimes personal information is collected from a third party, a public register (e.g. ASIC companies’ register) or a person’s credit history from a credit reporting body. At or before the time or, if that is not practicable, as soon as practicable after, where we collect personal information about an individual, we will take reasonable steps in the circumstances to let that individual know we have their personal information.
We take all reasonable precautions to protect the personal information we hold about you from misuse, interference, loss and unauthorised access. We have practices and policies in place which provide a high level of security to protect personal information. Our security measures include, but are not limited to:
- requiring our staff to use passwords and/or access tokens when accessing our systems;
- using firewalls, virus scanning software and anti intruder systems to protect against unauthorised access to and viruses in our systems;
- instructing our staff on their obligations concerning the handling of personal information;
- using dedicated secure networks or encryption when we send personal information electronically for outsourcing purposes; and
- using physical and electronic measures such as alarms, cameras and locked storage areas to protect against unauthorised access to personal information.
When information is no longer needed for the purpose for which it was collected or for the purposes of meeting our legal requirements we will securely destroy or de-identify it.
Why do we collect your personal information and to whom do we disclose it?
We collect personal information so that we may:
- properly manage and administer our customer relationships;
- provide our customers with the products and services they request;
- unless you tell us otherwise, provide you with marketing material, including information on products and services offered by RAG entities and our associated entities, including by telephone and by email communication; and
- comply with our legal obligations.
We may also use personal information for:
- assisting customers with their queries;
- monitoring and evaluating our products and services and monitoring, testing and developing our systems and infrastructure;
- detecting and preventing fraud and loss; and
- prudential, statistical and research purposes.
Depending on the product or service we provide to you, we may disclose your personal information to:
- brokers, agents and intermediaries who refer your business to us;
- valuers and insurers if property is being provided as security for a loan from us;
- other product and service providers for whom we act, so that they can provide you with the product or service you seek or have expressed interest in.
- a person acting on your behalf, including your financial adviser, solicitor, settlement agent, accountant, executor, trustee, guardian or attorney;
- other financial institutions and organisation at their request if you seek credit from them;
- agents and other persons who assist us to dispose of property or equipment given as security for a loan;
- other owners, borrowers and guarantors and their respective directors, trustees and beneficiaries (if any) related to any account you have with us, including an application for an account;
- any party pursuant to any domestic or international law or regulatory requirement, including a court or tribunal or an overseas government instrumentality or regulatory body which has jurisdiction over any member of the Rabobank Group;
- other members of the Rabobank Group including RAG entities and their associated entities;
- to a law enforcement body if reasonably necessary to assist with the enforcement of any law; and
- if you have been referred to us, the person who made the referral.
Associates entities of RAG entities include Achmea Schadeverzekeringen N.V.
Personal information will only be disclosed to third parties not identified in this document if you have consented or if you would reasonably expect us to disclose information of that kind to those third parties and the purpose of that disclosure is related to the primary purpose for which the information was collected.
We may disclose your personal information to external service providers when we outsource certain tasks and operations, including mailing, printing, direct marketing and information technology services. Where this occurs, we ensure that the service provider is contractually bound to keep the personal information confidential and only use it to perform the task required.
Securitisation involves the pooling and selling of assets such as loans to a special purpose vehicle. To undertake this process, we may disclose personal information to any person to whom our rights in pooled assets are to pass or proposed to pass and to any ratings agencies, trustees, investors and advisers involved in the transaction.
Exchanging information with credit reporting bodies
We need to be in a good position to decide whether or not you are likely to repay your loan when you apply to us for credit. We base our decision on your current financial position and on your credit history. This means that we will consider the information you give us in your application and may make enquiries with and obtain further information from a credit reporting body and other credit providers you have borrowed from previously.
We may collect, hold and disclose your credit-related information as reasonably necessary for our business purposes and as permitted by law such as to make decisions as to whether to provide you with credit, evaluate your credit worthiness, manage credit provided to you and participate in the credit reporting system and providing information to credit reporting bodies as permitted by Part IIIA of the Privacy Act.
Where the Privacy Act applies, we can only give your credit-related information to a credit reporting body if we have told you first that we will do so and we can only obtain information about you from a credit reporting body if we have your consent.
For further information relating to our dealing with credit-related information obtained from a credit reporting body, refer to our Credit Reporting Policy which is available on our website at rabobank.com.au.
Disclosure of personal information to overseas recipients
We may disclose your personal information outside Australia to:
- other members of the Rabobank Group of companies for consolidated reporting and compliance purposes (including regulatory and legislative requirements of any member of the group), the administration and management of your facilities and marketing; and
- entities which provide services required to supply you with your products and services.
This includes disclosures to The Netherlands, New Zealand, the United States, Singapore, Hong Kong, the United Kingdom and Luxembourg.
How do I access and correct my personal information?
All requests, queries and correspondence with us regarding privacy matters may be addressed to the Privacy Officer, Rabobank Group and sent:
- by email to the Privacy Officer, Rabobank Group at firstname.lastname@example.org; or
- by mail to the Privacy Officer, Rabobank Group, GPO Box 4577, Sydney NSW 2001.
Alternatively, you can telephone the Privacy Officer on 1800 825 484 between 8am & 6pm Monday to Friday Sydney time.
Under the Privacy Act, you have a right to request access to your personal information and to request its correction. In certain circumstances, we are not required to give you access to your personal information including where:
- giving access would have an unreasonable impact on the privacy of other individuals;
- we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual or to public health or public safety;
- the information is subject to a legitimate claim of legal professional privilege by us in respect of existing or anticipated legal proceedings between you and us;
- giving access would reveal evaluative information generated by us in connection with a commercially sensitive decision making process; and
- the request for access is frivolous or vexatious.
We will respond to your request for access to personal information within a reasonable period of time. We will give you access to the information in the manner requested, if it is reasonable and practicable to do so, having regard to:
- the volume of information requested;
- the nature of the information requested; and
- any special needs of the individual requesting the information.
We may charge you for giving you access to the requested personal information.
If you request us to correct personal information we hold about you, we will take such steps (if any) as are reasonable to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we correct personal information that we previously disclosed to another entity and you request that we notify the other entity of the correction, we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
If you have a concern or complaint
If you have a concern or complaint about the privacy of your personal information held by us, including a breach of the Australian Privacy Principles under the Privacy Act 1988, you may contact our Privacy Officer.
We will give you written acknowledgement of your complaint within 7 days after receiving it, setting out how we will respond to it. We will investigate and respond to your complaint within 30 days. If we fail to resolve the complaint to your satisfaction, you may contact the Financial Ombudsman Service by telephone on 1300 780 808, or the Office of the Australian Information Commissioner (OAIC), as follows:
- Email email@example.com; or
- Telephone on 1300 363 992 or, if calling from outside Australia, +61 2 9284 9749; or
- Writing to The Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001.
Changes to this Policy