Credit Reporting Policy
This Credit Reporting Policy was last updated on 13 September 2023.
The Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs), and the Privacy (Credit Reporting) Code 2014 (Code) govern the way in which Kallipr Pty Ltd ACN 619 635 924 and Kallipr Regional Pty Ltd ACN 648 096 360 (Kallipr) must manage credit-related information and this policy describes the information Kallipr collects and holds, how Kallipr uses that information, how that information may be disclosed, the security of that information, how you can access and correct any such information and other relevant details concerning privacy.
1. General
1.1 Commercial Credit Terms
(a) This Credit Reporting Policy will be provided in conjunction with an application from an applicant (Applicant) to purchase goods and services from Kallipr on commercial credit. For the purposes of this Credit Reporting Policy, a ‘Relevant Person’ of an Applicant is:
(i) where the Applicant is an individual (including a sole trader and individual trustee of a trust), the Applicant themselves;
(ii) where the Applicant is a corporation (including a corporate trustee of a trust), the directors of the Applicant;
(iii) where the Applicant is a partnership, the partners; and
(iv) a guarantor of an Applicant (where such guarantor is an individual, or individual trustee of a trust), or the directors or partners of a guarantor of an Applicant (where such guarantor is a corporation, corporate trustee of a trust, or partnership).
(b) Kallipr does not provide consumer credit.
2. Collection of Information
2.1 Types of information collected
(a) Kallipr may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the products and services you are seeking. If you are an Applicant (or a Relevant Person of an Applicant), we are likely to provide you with products and services on credit terms (that is, you will pay for those products or services after we start providing them to you). As such, we may collect and hold various information related to your financial position and your creditworthiness (such as ‘credit information’, ‘credit-eligibility information’, ‘CRB derived information’, and ‘CP derived information’ (as those terms are defined in the Privacy Act), detailed further below).
(b) In this Credit Reporting Policy, the term ‘credit-related information’ is used to capture some or all information related to your financial position, such as credit that has been provided to you, or that you have applied for, which may have a bearing on your creditworthiness and which Kallipr may use in its decision to approve or reject a credit application. Credit-related information includes:
(i) information about your financial position, including income, liabilities, and repayment capacity (we do not disclose this information to credit reporting bodies);
(ii) credit information, such as:
(A) identity details (including aliases);
(B) the fact that you have applied for credit, the type of credit, and the amount;
(C) personal insolvency information;
(D) the identity of your other credit providers;
(E) consumer credit liability information;
(F) the opinion of a credit provider that you have committed a serious credit infringement;
(G) court proceedings information that relates to any credit that has been provided to, or applied for by you;
(H) the fact that credit provided to you has been paid or otherwise discharged (including the date of discharge);
(I) advice that payments are no longer overdue and the date on which overdue payments were made; and
(J) publicly available information that relates to your activities in Australia and your credit worthiness (other than court proceedings information or information that you are entered or recorded on the National Personal Insolvency Index);
(iii) credit eligibility information, such as:
(A) a credit score provided by a credit reporting body;
(B) default information;
(C) repayment history information;
(D) credit inquiries;
(E) court proceedings information;
(F) personal insolvency information; and
(G) information associated with your overall credit worthiness.
(H) CRB derived information, such as a credit score or credit rating.
(c) The kinds of ‘CP derived information’ Kallipr derives from information disclosed to Kallipr by credit reporting bodies includes Kallipr’s own score of your credit worthiness, and a risk profile analysis.
2.2 Method of collection
(a) Where possible, Kallipr will collect credit-related information directly from you through the use of its Commercial Credit Terms, its standard forms, via email, through telephone conversations, in person, or via its website. However, Kallipr may also collect credit-related information from credit reporting bodies. In certain situations, credit eligibility information may be disclosed to Kallipr from another credit provider (for example, if Kallpr enters into a co-financing arrangement with a third party credit provider). Kallipr may also collect credit-related information about you from third parties acting on your behalf.
(b) If Kallipr receives unsolicited information about you that it did not ask for or which is not directly related to Kallipr’s functions or activities, Kallipr may be required to destroy or de-identify that information, provided it is lawful and reasonable to do so.
2.3 Purpose of collection
(a) Kallipr collects and uses your credit-related information for the following purposes:
(i) assessing your and the Applicant’s financial position and the application for a credit account;
(ii) providing the Applicant with credit;
(iii) securitisation-related purposes;
(iv) Kallipr’s internal management purposes that are directly related to the management of credit, including:
(A) assisting the Applicant to avoid defaults;
(B) collecting any amount(s) the Applicant or you may owe Kallipr in relation to such credit and dealing with serious credit infringements;
(C) assigning Kallipr’s debts;
(D) participating in the credit reporting system;
(E) dealing with complaints or regulatory matters relating to credit or credit reporting;
(v) where Kallipr reasonably believes you have committed a serious credit infringement; and
(vi) where otherwise required or permitted by law.
2.4 Failure to provide information
If you do not provide the credit-related information requested, or prevent Kallipr from obtaining credit-related information from a credit-reporting body, or the information provided is incomplete or inaccurate, Kallipr will not be able to assess the Applicant’s application for a credit account.
3. Use and disclosure
3.1 Disclosure
(a) Generally, Kallipr only uses or discloses credit-related information about you for the purposes for which it was collected (as set out in clause 2.3(a)). Kallipr may disclose credit-related information about you to:
(i) its workers and contractors to facilitate its internal business processes;
(ii) credit reporting bodies, such as illion Australia Pty Ltd (contact details are available at https://www.illion.com.au/contact-us/);
(iii) third parties who assist Kallipr in processing the Applicant’s credit application or managing the credit provided by Kallipr;
(iv) third parties for securitisation purposes;
(v) third parties for the purposes of considering whether to accept an assignment of debt, or to take an interest in the credit provider;
(vi) other Australian credit providers (either with your consent, or as permitted by law);
(vii) enforcement bodies;
(viii) external dispute resolution providers;
(ix) guarantors or proposed guarantors (either with your consent, or as permitted by law);
(x) credit insurers;
(xi) debt collectors;
(xii) third parties who assist Kallipr in operating its business and providing services to the Applicant (including information technology service providers and professional advisers such as lawyers, accountants, and auditors) and these third parties may not be required to comply with Kallipr’s privacy policy;
(xiii) third parties to whom you have agreed Kallipr may disclose its information;
(xiv) third parties where the credit-related information was collected from you for the purposes of passing that information on; and
(xv) as otherwise permitted and required by law.
(b) For clarity, your consent to the disclosure under clauses 3.1(a)(vi) is 3.1(a)(ix) obtained via the Commercial Credit Terms.
(c) If Kallipr disclose your information to other credit reporting bodies in the future, it will notify you.
(d) The credit reporting bodies Kallipr discloses credit-related information to may include such information in reports provided to other credit providers to assist them to assess an individual’s credit worthiness. If the Applicant does not pay for the products and services provided to the Applicant, if the Applicant or you commits fraud or tries to do so, or if the Applicant or you otherwise commits a serious credit infringement, Kallipr may disclose this information to the credit reporting bodies. This may affect your ability to obtain credit in the future.
(e) You may (by using the contact details set out in clause 3.1(a)(ii)) request that a credit reporting body does not:
(i) use your credit reporting information for the purposes of pre-screening of direct marketing; or
(ii) disclose your credit reporting information if you reasonably believe you have been, or are likely to be, a victim of fraud.
(f) Kallipr may expand or reduce its business and this may involve the sale and/or transfer of control of all or part of its business. Credit-related information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided under this Credit Reporting Policy.
3.2 Disclosure of information overseas
Kallipr is assisted by a variety of external service providers to operate its business and deliver its products and services, some of whom may be located overseas, and to whom Kallipr is likely to disclose your information. These third parties are too numerous to list, and they change from time to time. Some examples of the types of third parties include technology service providers such as Salesforce and Pardot, Salesforce’s Marketing Cloud Account Engagement tool who are located in the United States of America. Kallipr takes reasonable steps to ensure these third parties have appropriate security for your personal information.
4. Security
(a) Kallipr stores credit-related information in different ways, including in paper and in electronic form. The security of such information is important to Kallipr. Kallipr takes all reasonable measures to ensure that credit-related information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.
(b) Some of the information Kallipr collects is hosted on third party data servers, which may be located outside of Australia. Kallipr takes reasonable steps to ensure any third party data storage suppliers it partners with have appropriate cyber and physical security controls in place.
(c) Where information Kallipr holds is no longer necessary, Kallipr deletes the information or permanently de-identifies it, subject to specific laws in respect of data retention.
5. Access and correction of information
(a) You may access the credit-related information Kallipr holds about you by making a written request. Kallipr will respond to the request within a reasonable period. Kallipr may charge a reasonable fee for processing the request (but not for making the request for access).
(b) Kallipr may decline a request for access to information in circumstances prescribed by the Privacy Act, and if it does, Kallipr will provide a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to make a complaint.
(c) When making a request to access credit-related information, you should also request access to credit-related information held by credit reporting bodies.
(d) If, upon receiving access to the credit-related information or at any other time, you believe the information held about you is inaccurate, incomplete or out of date, please notify Kallipr immediately. Kallipr will take reasonable steps to correct the information within 30 days (or another time frame agreed in writing) so that it is accurate, complete and up to date.
(e) If Kallipr refuses to correct the information (for example, where it would be unlawful), Kallipr will provide a written notice that sets out the reasons for refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to make a complaint.
6. Complaints and feedback
(a) If you have any queries or concerns about this Credit Reporting Policy or the way Kallipr handles your credit-related information, or you wish to make a complaint about a breach of the Privacy Act, the APPs, or the Code, you should contact Kallipr using the details below, and Kallipr will take reasonable steps to investigate the complaint in accordance with its dispute resolution process, and respond to the queries and concerns within 30 days (or another time frame agreed in writing):
(i) Postal address: 61 Metroplex Avenue, Murarrie Qld 4172
(ii) Email address: privacyofficer@kallipr.com
(iii) Website: https://kallipr.com/
(b) If after this process you are not satisfied with Kallipr’s response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
7. Changes to this Credit Reporting Policy
(a) The date at the top of this page indicates when this Credit Reporting Policy was last updated. From time to time, Kallipr will have to update this Credit Reporting Policy, and will update it no less than once every 12 months.
(b) Kallipr reserves the right to make amendments to this Credit Reporting Policy at any time. Kallipr will provide you with reasonable notice of any amendments to this Credit Reporting Policy which would have a material adverse effect on you before such amendments take effect.
8. Further information
If you require any further information or have any queries regarding this Credit Reporting Policy, please contact Kallipr at the details set out above.
Statement of Notifiable Matters under the Credit Reporting Privacy Code
Under the Credit Reporting Privacy Code, there are several ‘notifiable matters’ that Kallipr is required to disclose at or before the time of collecting personal information about an individual that is likely to be disclosed to a credit reporting body.
Those matters are:
(a) the credit reporting body may include the credit information we provide to it in reports, which it then provides to other credit providers to assist those other credit providers to assess your credit worthiness;
(b) if you commit a serious credit infringement, we may disclose this to a credit reporting body;
(c) you can request a copy of this Credit Reporting Policy by contacting us, or obtain it directly from our website;
(d) you can request a copy of ilion’s credit reporting policy from its website (https://www.illion.com.au/illion-credit-reporting-policy-australia/) or by contacting them via +61 3 9828 3200;
(e) you have the right to access credit information we hold about you, request that we correct the information, and make a complaint, as set out further in the remainder of this Credit Reporting Policy;
(f) you can request a credit reporting body not to use your credit reporting information for the purposes of pre-screening of direct marketing by us, and
(g) you can request a credit reporting body not to use or disclose your credit reporting information if you believe on reasonable grounds that you have been, or are likely to be, the victim of fraud.
You can ask us to provide you a hard copy of this policy (including the Statement of Notifiable Matters).