About this policy
Use and disclosure
Disclosure to overseas recipients
Access and correction
Opting out of product promotions
Storage and security of your personal information
Changes to this policy
Privacy concerns or complaints
European Union General Data Protection Regulation (GDPR)
Further information about privacy
This document sets out how the Bendigo and Adelaide Bank Group safeguards your privacy. In this document, the Bendigo and Adelaide Bank Group (‘we’, ‘our’ or ‘us’) includes all or any of the following:
This document has been developed to follow a ‘layered’ format which means that it offers layers of detail. You can therefore read as much or as little as you like and can find what you need quicker.
Information about how we handle your credit related information is contained in our Credit Reporting Policy which is available on our website.
The Bendigo and Adelaide Bank Group recognises the importance of protecting your privacy. We are committed to ensuring the continued integrity and security of the personal information you entrust to us.
We appreciate that the success of our business is largely dependent upon a relationship of trust being established and maintained with past, current and prospective customers, shareholders and other individuals with whom we conduct business. We will therefore continue to collect and manage your personal information with a high degree of diligence and care.
Our aim is to comply at all times with the privacy laws (incorporating the Australian Privacy Principles) that apply to us. If you have a comment, query or complaint regarding a privacy matter, we encourage you to discuss it with us.
We usually collect personal information directly from you. Sometimes we collect or confirm this information from a third party such as a credit reporting body. We will use reasonable efforts to obtain your consent prior to contacting a third party for this purpose.
We collect personal information that includes details such as your:
In some cases, we may need to collect sensitive information about you (such as health related information). We will first seek your consent to collect such information where we are required to do so.
As part of our business operations we also collect personal information from other individuals such as shareholders and non-corporate suppliers. Where you are not a customer of ours you may still seek confirmation as to whether we hold information in relation to you.
We may collect information from you because we are required or authorised by an Australian law or court/tribunal order to collect that information. We will tell you if collection is required or authorised by law and provide you with details of the law, court or tribunal order. Examples of which include:
We may collect personal information about you from commercially available third party databases.
When you visit our website, apps or other web-based content and services (“Websites”), either we or our service provider will record information (such as your computer’s IP address and top level domain name, the type of browser you are using, the date, time and pages accessed) in relation to your visit.
We use your personal information in order to:
To do this, we may disclose your personal information to organisations that carry out functions on our behalf. This may include for example mailing and printing houses, cheque and electronic transaction processors, information technology service providers, professional advisers, account holders and operators, valuers, introducers, guarantors, debt collection agencies, regulators and government authorities. Our agreements with these entities ensure this information is only used to carry out functions on our behalf.
Depending upon the type of product you have requested, we may also disclose your personal information to credit reporting bodies, the trustee or manager of a superannuation fund and insurance companies.
In the case of shareholders, personal information is disclosed to our share registry service provider.
We may also disclose your personal information to an individual or an organisation (a ‘third party’) if:
Your consent to a third party obtaining or accessing information may be implied from:
You should never provide or disclose any of your pass codes to any third party to enable the third party to obtain or access your personal information. If you do, you may breach the ePayments Code and the terms and conditions applying to the products and services we provide to you and you may be liable for any unauthorised transactions that subsequently occur. Pass codes include PINs, internet and telephone banking passwords, and codes generated by security tokens.
We may also use your personal information to tell you about other financial products and services we think you may be interested in. This may include products and services offered or distributed by us or the companies with which we are associated. You can opt out of receiving this information (see below - ‘Opting out of product promotions’). We do not sell your personal information to third parties.
We provide services to a number of business partners and their customers. In order to provide these services, personal information may be used and exchanged. The information of these customers is given the same level of protection and treated in the same way as for customers of the Bendigo and Adelaide Bank Group.
In some cases we may need to share some of your information with organisations outside Australia. For example, when you instruct us to carry out a transaction such as a telegraphic transfer to or from an overseas country, or when we use service providers located overseas to perform a function on our behalf.
Bendigo and Adelaide Bank Group may share your information with overseas organisations that are located in the following countries:
You may also refer to the Privacy statement provided to you for specific information about overseas disclosure.
When we share your information with organisations overseas we ensure appropriate data handling and security measures are in place.
In most cases you can gain access to your personal information held by us.
We will also take reasonable steps to amend or correct your personal information to keep it accurate and up-to-date. Please contact us if you would like to access or request a correction of your personal information (see ‘Contacting us’ below).
In most cases you can access your personal information held by us. If you believe that personal information we hold about you is inaccurate, out of date or incomplete, you should contact us. (see ‘Contacting us’ below).
We will promptly update your personal information that is inaccurate, out of date or incomplete. In some cases we may request you provide us with supporting documentation to amend the personal information we hold about you.
If we do not agree that your information is inaccurate, out of date or incomplete, we will give you a written notice including the reasons why we do not agree with you and how you can make a complaint.
You can opt out of receiving direct marketing material at any time by contacting us (see ‘Contacting us’ below).
If you do opt out, we will continue to provide information in relation to your existing accounts or facilities only (including new features or products related to these accounts/facilities).
We will take reasonable steps to keep the personal information that we hold about you secure to ensure that it is protected from loss, unauthorised access, use, modification or disclosure.
Your personal information is stored within secure systems that are protected in controlled facilities. Our employees and authorised agents are obliged to respect the confidentiality of any personal information held by us.
You can also help to keep the personal information that we hold about you secure by taking care before you authorise or otherwise assist any third party to obtain or gain access to that information (see ‘Use and disclosure’ above).
We use our best efforts to ensure that information received via our Websites remains secured within our systems. We are regularly reviewing developments in online security; however, users should be aware that there are inherent risks in transmitting information across the internet.
Sometimes cookies are used by a third party service provider with whom we have an agreement to monitor the success of our marketing campaigns. The third party service provider uses the cookies to collect information such as when you visited our site, your browser type and the server that you log in to on your computer.
The information is used in an aggregate form and generally no personal information is collected by the third party service provider. Our agreements with these third parties ensure this information is only used to carry out functions on our behalf, and if any personal information is collected the confidentiality of that information is maintained.
Most internet web browsers are pre-set to accept cookies to enable full use of websites that employ them. However, if you do not wish to receive any cookies on an internet web browser you may configure your browser to reject them or receive a warning when cookies are being used. In some instances, this may mean that you will not be able to use some or all of the services provided on our Websites . However you may still be able to access information-only pages.
If you have concerns or wish to make a complaint regarding the handling of your personal information by us, please contact our Customer Feedback Team on 1300 361 911 or at firstname.lastname@example.org. We will promptly investigate your complaint and notify you of the outcome.
If you are not satisfied with the response provided by our Customer Feedback Team, you have the option of referring the matter to the Customer Advocate who will impartially assess your complaint, keep you informed of the progress and provide you with a response.
The Customer Advocate can be contacted by:
Alternatively (or following consideration by the Customer Advocate) you may refer your complaint directly to the relevant External Dispute Resolution (EDR) scheme.
If you are in a country that is a member of the European Economic Area (EEA), you may be protected by the European Union General Data Protection Regulation 2016/679 (‘GDPR’). Please click here to read more information about our GDPR Policy.
PO Box 480
Bendigo Vic 3552
Tel: 1300 236 344
PO Box 480
Bendigo Vic 3552
Tel: 1300 652 220
Level 5, 120 Harbour Esplanade
Docklands Vic 3008
Tel: 1800 803 173
Level 3, 120 Harbour Esplanade
Docklands Vic 3008
Tel: 1800 061 091
Fax: (03) 8414 7252
GPO Box 5388
Sydney NSW 2001
Tel: 1300 307 807
Fax: (02) 8282 8383
PO Box 309
Collins Street West Vic 8007
Tel: (03) 8627 2727
Fax: (03) 8627 2777
PO Box 3660
Rundle Mall SA 5000
Tel: 1300 660 115
PO Box 480
Bendigo VIC 3552
Tel: 1800 646 042 (inside Australia)
+61 3 5485 6393 (from outside Australia)
Fax: (03) 5485 7655
PO Box 480
Bendigo, Victoria 3552
Phone: 1300 304 541
Fax: 1300 304 542
PO Box 585
Corrimal NSW 2518
Tel: 1300 CSBANK (1300 272 265)
The Bendigo Centre
PO Box 480
Bendigo Victoria 3552
Telephone:1300 146 395
If you would like to contact an entity in the Bendigo and Adelaide Bank Group which is not listed above, please contact 1300 236 344.
You can find more information about privacy (including information about specific issues, answers to frequently asked questions and links to the 13 Australian Privacy Principles) on the Office of the Privacy Commissioner’s website at http://www.oaic.gov.au/
Date of Publication - May 2018