Credit Reporting Policy | Rabobank AU
skip to content1

Credit Reporting Policy

This Credit Reporting Policy contains information about how Rabobank Australia Group (RAG) entities collect, handle, manage and use your credit-related personal data (credit data), including data about your credit applications and credit accounts and your credit reporting data that we obtain from credit reporting bodies (CRBs) such as Equifax. This policy is relevant to current and former credit customers, as well as other individuals we deal with in connection with credit we provide to you, such as guarantors.

Key concepts

When we use the terms RAG entity, we, our, us; it means each member of the Rabobank Group based in Australia, being:

  • Coöperatieve Rabobank U.A. (Australia Branch) (ABN 70 003 917 655)
  • Rabobank Australia Limited (ABN 50 001 621 129)
  • Rabo Australia Limited (ABN 39 060 452 217)
  • Rabo Equipment Finance Limited (ABN 37 072 771 147)
  • Soft Commodity Trading Pty Limited (ABN 45 085 595 562)
  • GrainCorp Pools Pty Limited (ABN 45 095 759 890)

Each Rabobank Australia Group entity collects and processes the credit data it holds about you in accordance with the Privacy Act 1988 (Cth) ("Privacy Act") and the Australian Privacy Principles set out in that Act and the Privacy (Credit Reporting Code) Code.

Our management of your other personal data is set out in our Privacy Policy, available by visiting and selecting 'Privacy' at the bottom of the page.

What credit data we collect

We collect, handle, manage and use various types of credit data including:

  • Identity particulars
  • The fact that you have applied for credit and the type and amount of that credit
  • The fact that we are a credit provider to you and the type, characteristic and maximum amount of credit provided to you
  • The day on which the credit is entered into and day on which it is terminated or otherwise ceases to be in force
  • Your repayment history data
  • Payments owed to us in connection with credit provided to you which are overdue more than 60 days and for which collection action has commenced
  • Cheques drawn by you which have been dishonoured more than once
  • Advice that payments are no longer overdue
  • In specified circumstances, that in our opinion you have committed a serious credit infringement
  • That the credit provided to you by us has been paid or discharged
  • Scores, ratings, evaluations and other information relating to your credit worthiness which is derived by us or a CRB.

How we collect your credit data

Credit data is generally collected directly from the person concerned or from persons acting on their behalf, usually at the time of contact or when taking out a new product from us. The collection of most credit data will be made with your express consent which will usually be obtained at or around the time you take out a new product with us (i.e. when you sign an application for credit).

If your express consent is not provided, or you object to this processing then, we will not collect this data. However, this may mean that we will not be able to accept your application.

Sometimes credit data is also collected from a third party, for example a person's credit history from a CRB, such as Equifax or other credit providers such as other banks. At or before the time or, if that is not practicable, as soon as practicable after, where we collect credit data about an individual, we will take reasonable steps in the circumstances to let that individual know we have their credit data. The collection of credit data may also be collected where such data is in the public domain or is derived by us from your usage and (where applicable) repayment of any account held with us or other credit providers associated with us.

How we hold your credit data

Your credit data can be accessed only by individuals who need to have access, owing to their position. All of these people are bound by a duty of confidentiality. We have practices and policies in place to provide a high level of security to protect credit data.

We take all reasonable precautions to protect your credit data by:

  • Regularly assessing the risk of misuse, interference, loss and unauthorised access to credit data we hold from both internal and external threats;
  • Taking action to address any identified risks such as the use of dedicated secure networks or encryption when we send credit data electronically or the implementation of physical security measures to our locations;
  • Conducting regular reviews and audits to assess the quality of the actions we have implemented.

Lawful grounds for processing your credit data

We may process your credit data on the following lawful grounds:

  • Legal obligation: where we process your credit data to comply with our legal obligations.
  • Perform an agreement: where we process your credit data to enter into an agreement or perform our agreement with you.
  • Consent: where you have provided your consent to us to process your credit data.

In addition to the above common lawful grounds, we may also process your credit data if we have a legitimate interest in doing so, and as long as the legitimate interest does not prejudice your right to privacy. We will only process your credit data on the ground of legitimate interest if the other lawful grounds do not apply. Our legitimate interests include:

  • Protecting our own financial position.
  • Combatting fraud to prevent damage to us, but also the financial sector, and to protect yours and our security.
  • Improving our business processes, taking measures in the context of company management and performing audits on our internal processes.
  • Making sure that our clients are financially healthy. For example, identifying at an early stage that you may have payment problems.

Why we collect, hold and use your credit data

We need to be in a good position to decide whether or not you are likely to repay your loan when you apply to us for credit.

We base our decision on your current financial position and on your credit history. This means that we will consider the data you give us in your application and may make enquiries with and obtain further data from a credit reporting body and other credit providers you have borrowed from previously.

We may collect, hold and disclose your credit data as reasonably necessary for our business purposes and as permitted by law such as:

  • To make decisions as to whether to provide you with credit;
  • Evaluate your credit worthiness as a borrower or guarantor;
  • Manage credit provided to you;
  • Participate in the credit reporting system and providing data to credit reporting bodies as permitted by Part IIIA of the Privacy Act and the Credit Reporting Code;
  • Provide you with information about products and services;
  • Administer products and services, answering your ongoing requests and complaints, varying and developing products and services, taking any required legal action in relation to our accounts and managing our relevant product portfolios;
  • Derive evaluations relating to your credit worthiness used in our decision-making processes and ongoing reviews;
  • Undertake securitisation activities;
  • Assist you to avoid defaulting on your credit-related obligations; and
  • Consider financial difficulty requests.

Where the Privacy Act applies, we can only give your credit data to a credit reporting body if we have told you first that we will do so and we can only obtain data about you from a credit reporting body if we have your consent.

Collection of credit data from CRBs

We may collect credit data about you from the following CRBs:

Equifax Australia

Telephone: 13 83 32
Mail: Equifax Australia Information Services and Solutions Pty Limited, PO Box 964, North Sydney, NSW 2059

You may obtain a copy of Equifax’s policy about their management of credit reporting information by contacting them directly or visiting their website.


Telephone: 1300 784 134
Mail: Experian Australia Credit Services Pty Ltd, PO Box 1969, North Sydney NSW 2060

You may obtain a copy of Experian's policy about their management of credit reporting information by contacting them directly or visiting their website.

illion (formally known as Dun & Bradstreet)

Telephone: 1300 734 806
Mail: illion Australia Pty Ltd, PO Box 7405, St. Kilda Rd Melbourne VIC 3004

You may obtain a copy of illion’s policy about their management of credit reporting information by contacting them directly or visiting their website.

The Privacy Act and Privacy (Credit Reporting) Code limit what we can do with the data we obtain from a CRB. Generally, it can only be used in relation to the credit products you hold through us.

Disclosure of credit data to overseas and other recipients

We operate our banking activities globally and we will disclose your credit data to overseas recipients including other Rabobank Group entities and external service providers.

We may disclose your credit data outside Australia to:

  • Other members of the Rabobank Group of companies for consolidated reporting and compliance purposes (including regulatory and legislative requirements of any member of the group) and the administration and management of your facilities; and
  • Entities which provide services required to supply you with your products and services.

Countries to which your credit data may be disclosed are The Netherlands, the United Kingdom, Belgium, Luxembourg, Singapore, Hong Kong, the United States, New Zealand and Canada.

Where we disclose credit data overseas we take reasonable steps to certify the recipient meets our privacy standards in protecting your credit data and complies with the Australian Privacy Act. We do so by entering into contracts with confidentiality arrangements in place and to confirm that they use or disclose personal data only for the specific service we ask them to perform or the product/service we ask them to provide.

Disclosure of credit data to CRBs

To help us with the wide range of tasks associated with our business of the provision and management of credit, we may disclose your credit data to CRBs. Under the Privacy Act and Privacy (Credit Reporting) Code, CRBs are permitted to handle credit data. If you apply for any kind of credit or offer to act as guarantor, we may disclose your credit data to a CRB. We may process your credit data to evaluate your credit worthiness as a borrower or guarantor, for which we may disclose to a CRB. Other credit data which we may disclose to a CRB includes the conduct of your credit products with us. For example, if you fail to meet your payment obligations in relation to your credit products, or commit a serious credit infringement, we may be entitled to disclose this to a CRB. CRBs may include your credit data provided by us in reports provided to other credit providers to assist them to assess your credit worthiness (such as when you have applied for a loan from the provider). Each CRB has a policy for managing your credit data that you may access by contacting the CRBs using the details listed above.

In addition, CRBs offer a credit prescreening service to credit providers wishing to send direct marketing material about credit services to individuals. You may request that CRBs not use your data for this purpose. To opt out of credit pre-screening, contact the CRB, using the contact details on their websites noted above. You can also ask a CRB not to use or disclose your data for a period if you believe on reasonable grounds that you have been or are likely to be a victim of fraud.

Access to your credit information

Under the Australian Privacy Act, you have a right to request access to your credit data and to request its correction. Your rights to access your credit data are subject to some limitations. For example, we do not have to provide you with access to the extent it would be illegal to do so and we may need to give you access in a way that preserves the confidentiality of any methodology, data analysis methods, computer programs or other data used by us to derive relevant data.

Correction of your credit data

If you request us to correct your credit data we hold, we will take such steps (if any) as are reasonable to confirm that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.

How do you make a request for Access or Correction of your credit data?

To make a rights request to your personal data please visit our Individual Rights Portal.

You may also contact us through the channels described in the section below.

If you make an access or correction request, we will answer this within one month after we have received the request.

If we refuse to provide you access or to correct the credit data as requested by you, we will give you a written notice that sets out:

  • The reasons for the refusal except to the extent that it would be unreasonable to do so; and
  • The mechanisms available to complain about the refusal.

If you have a concern or complaint

If you have a concern or complaint about the privacy of your credit data held by us, including a breach of the Australian Privacy Principles under the Privacy Act or the Privacy (Credit Reporting) Code, please contact us by using the details below:

Rabobank Australia Rabobank Online Savings (RaboDirect)
Phone 1800 025 484

MON - FRI 8am - 6pm (Sydney time)
or call your local area manager

If you're overseas call
+61 2 8115 2240
Phone 1800 445 445

MON - FRI 8am - 7pm (Sydney time)

If you're overseas call
+61 2 8115 2558

Alternative contact methods can be found here: Contact Us

We will give you written acknowledgement of your complaint within 5 business days after receiving it, setting out how we will respond to it. We will investigate and respond to your complaint within 21 days. If we are unable to resolve your complaint within 21 days, we will tell you that we need more time to investigate the complaint. If we are unable to resolve your complaint within 45 days, we will tell you the reason for the delay, the date by which you can reasonably expect to hear an outcome of our investigation. We will also provide you with monthly updates.

If you are not satisfied with the resolution offered by Rabobank, you have the following options:

  1. Have your complaint either reviewed by the Rabobank Customer Advocate;
    The Rabobank Customer Advocate can be contacted by email:
  2. Access our external dispute resolution service, the Australian Financial Complaints Authority (AFCA).
    You can contact AFCA by website or phone:
    • 1800 931 678
  3. Access the Office of the Australian Information Commissioner (OAIC)
    You can contact OAIC as follows:
    • Email; or
    • Telephone on 1300 363 992 or, if calling from outside Australia, +61 2 9284 9749; or
    • Writing to The Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001.

Can we change this Credit Reporting Policy?

Yes, we review our Credit Reporting Policy on a regular basis and that means that it may change from time to time. This is possible if there are new data processes and these changes are important to you. We will of course keep you informed of material changes to this Policy. You can always find the most current version of our Credit Reporting Policy at

Latest version: December 2020

How to contact the Privacy Officer?

If you have any general feedback or queries regarding the way Rabobank handles your credit data, you may also contact the Privacy Officer:

Cookie Notice
We use cookies to collect data when you visit our website. We do this for security and functionality purposes and to provide you with a better website experience. For more information on how we use cookies, please see our Cookies page.