About this policy
Use and disclosure
Disclosure to overseas recipients
Access and correction
Opting out of product promotions
Storage and security of your personal information
Changes to this policy
Privacy queries or complaints
European Union General Data Protection Regulation (GDPR)
This document sets out how the Bendigo and Adelaide Bank Group safeguards your privacy.
In this document, the Bendigo and Adelaide Bank Group (‘we’, ‘our’ or ‘us’) includes all or any of the following:
- Bendigo and Adelaide Bank Limited, including its divisions Adelaide Bank, Bendigo Bank, Delphi Bank and Rural Bank
- Bendigo and Adelaide Bank Limited subsidiary companies, including Sandhurst Trustees, Leveraged Equities, National Mortgage Market Corporation and Up Money
- Alliance Bank®
- Bendigo Bank agencies
- Bendigo Bank franchises (including Community Bank branches)
- Community Enterprise Foundation™
- University Community Bank
Information about how we handle your credit related information is contained in our Credit Reporting Policy.
We recognise the importance of protecting your privacy and are committed to ensuring the continued integrity and security of the personal information you entrust to us.
We appreciate that the success of our business is largely dependent upon a relationship of trust being established and maintained with past, current and prospective customers, shareholders and other individuals with whom we conduct business. We will therefore continue to collect and manage your personal information with a high degree of diligence and care.
Our aim is to comply at all times with the privacy laws (incorporating the Australian Privacy Principles) that apply to us. If you have a comment, query or complaint regarding a privacy matter, we encourage you to discuss it with us.
We usually collect personal information directly from you. Sometimes we collect or confirm this information from a third party. We will use reasonable efforts to obtain your consent prior to contacting a third party for this purpose.
We collect personal information that includes details such as your:
- Date of birth
- Contact details (such as phone numbers and e-mail addresses)
- Financial information such as information about your use of financial products and services which you acquire from or through us
In some cases, we may need to collect sensitive information about you (such as health related information). We will first seek your consent to collect such information where we are required to do so.
As part of our business operations we also collect personal information from other individuals such as shareholders and suppliers.
We may collect personal information from you because we are required or authorised by an Australian law or court/tribunal order to collect that information. We will tell you if collection is required or authorised by law and provide you with details of the law, court or tribunal order. Examples include:
- Anti-Money Laundering and Counter-Terrorism Financing laws;
- The National Consumer Credit Protection Act 2009 (Cth); and
- The Income Tax Assessment Act 1936 (Cth).
We may collect personal information about you from commercially available third party databases.
We use your personal information in order to:
- Provide you with financial products and services (including situations where we are an agent for another product issuer)
- Assist you with your queries or concerns
- Comply with any legal or regulatory obligations imposed on us
- Perform our necessary business functions (such as internal audit investigations, performance reporting, research, product development and planning, assessing credit applications for new or existing loans and managing your credit accounts)
- Manage our share registry
To do this, we may disclose your personal information to organisations that carry out functions on our behalf. This may include for example mailing and printing houses, cheque and electronic transaction processors, information technology service providers, professional advisers, valuers, introducers and debt collection agencies. Our agreements with these entities ensure this information is only used to carry out functions on our behalf.
We may also disclose your personal information to regulators and government authorities as required by law.
Depending upon the type of product you have requested, we may also disclose your personal information to account holders and operators, guarantors, credit reporting bodies, the trustee or manager of a superannuation fund and insurance companies.
In the case of shareholders, personal information is disclosed to our share registry service provider.
We may also disclose your personal information to an individual or an organisation (a ‘third party’) if:
- You direct us to do so;
- You consent to the third party obtaining the information from us; or
- You consent to the third party accessing the information on our systems, and/or do anything which enables the third party to obtain access.
Your consent to a third party obtaining or accessing information may be implied from:
- Your use of any service or application which a third party provides to you, or makes available to you, which involves the third party obtaining or accessing personal information held by us or organisations like us; or
- You doing anything else which enables the third party to obtain access to the information.
You should never provide or disclose any of your pass codes to any third party to enable the third party to obtain or access your personal information. If you do, you may breach the terms and conditions applying to the products and services we provide to you and you may be liable for any unauthorised transactions that subsequently occur. Pass codes include PINs, internet and telephone banking passwords, and codes generated by security tokens.
We may also use your personal information to tell you about other financial products and services we think you may be interested in. This may include products and services offered or distributed by us or the companies with which we are associated. You can opt out of receiving this information at any time (see below Opting out of product promotions). We do not sell your personal information to third parties.
We provide services to a number of business partners and their customers. In order to provide these services, personal information may be used and exchanged. The personal information of these customers is given the same level of protection and treated in the same way as for our customers.
In some cases we may need to share some of your information with organisations outside Australia. For example, when we use service providers located overseas to perform a function on our behalf.
We may share your information with overseas organisations that are located in the following countries:
- The Netherlands
- New Zealand
When we share your information with organisations overseas we ensure appropriate data handling and security measures are in place.
In most cases you can access your personal information held by us. If you believe that personal information we hold about you is inaccurate, out of date or incomplete, you should contact us (see Contacting us below).
We will promptly update your personal information that is inaccurate, out of date or incomplete. In some cases we may request you provide us with supporting documentation to amend the personal information we hold about you.
If we do not agree that your information is inaccurate, out of date or incomplete, we will give you a written notice including the reasons why we do not agree with you and how you can make a complaint if you wish to do so.
You can opt out of receiving direct marketing material at any time by contacting us (see Contacting us below).
If you do opt out, we will continue to provide information in relation to your existing accounts or facilities only (including new features or products related to these accounts/facilities).
We will take reasonable steps to keep the personal information we hold about you secure to ensure that it is protected from misuse, interference, loss, unauthorised access, modification or disclosure.
Your personal information is stored within secure systems that are protected in controlled facilities. Our employees and authorised agents are obliged to respect the confidentiality of any personal information held by us.
You can also help to keep the personal information we hold about you secure by taking care before you authorise or otherwise assist any third party to obtain or gain access to that information (see Use and disclosure above).
We use our best efforts to ensure that information received via our Websites remains secured within our systems. We are regularly reviewing developments in online security; however, you should be aware that there are inherent risks in transmitting information across the internet.
Sometimes cookies are used by third party service providers with whom we have agreements for services such as monitoring the success of our marketing campaigns and providing data analytics or to provide core services and features on our websites. The third party service providers use the cookies to collect information such as when you visited our site, your browser type and your IP address. Information collected may also include randomly generated visitor and session identifiers.
The information is used in an aggregate form and generally no personal information is collected by the third party service providers. Our agreements with these third parties ensure this information is only used to carry out functions on our behalf, and if any personal information is collected the confidentiality of that information is maintained.
Most internet web browsers are pre-set to accept cookies to enable full use of websites that employ them. However, if you do not wish to receive any cookies on an internet web browser you may configure your browser to reject them or receive a warning when cookies are being used. In some instances, this may mean that you will not be able to use some or all of the services provided on our Websites . However you may still be able to access information-only pages.
If you are not satisfied with the response provided, you have the option to refer your complaint to the relevant external dispute resolution scheme.
We are a member of the Australian Financial Complaints Authority (AFCA).
AFCA provides fair and independent financial services complaint resolution that is free to customers. You can contact AFCA:
- In writing: GPO Box 3, Melbourne VIC 3001
- Telephone: 1800 931 678
- Email: email@example.com
- Website: www.afca.org.au
Time limits may apply to complain to AFCA and so you should act promptly or otherwise consult the AFCA website to find out if or when the time limit relevant to your circumstances expire.
If your complaint relates to how we handle your personal information you can also contact:
If you are in a country that is a member of the European Economic Area (EEA), you may be protected by the European Union General Data Protection Regulation 2016/679 (‘GDPR’). Read more information about our GDPR Policy.
If you have any questions about this policy, what personal information or credit related information we may hold in relation to you, or about the way we manage your personal information or credit related information you can contact us.
If you would like to contact an entity in the Bendigo and Adelaide Bank Group which is not listed, please contact 1300 236 344.
National Mortgage Market Corporation
Bendigo and Adelaide Bank Share Registry
Boardroom Pty Limited
ABN 14 003 209 836
GPO Box 3993
Sydney NSW 2001
Tel: 1300 032 762 (within Australia)
Tel: +61 2 8023 5417 (outside Australia)
Community Enterprise Foundation™
Date of Publication - September 2021