We recognise the importance of protecting your privacy, and being clear about how we collect, use, share, store and protect your information is a vital part of our relationship with you.

1. Your privacy is important to us 

This Policy outlines how Resolute Risk Management Pty Ltd (“ResoluteRM“) and its related companies (“we / us / the Group“) collect, disclose, use, store or otherwise handle personal information.

It is important to us that we manage your personal information securely and consistently with relevant legislation, specifically the Privacy Act 1988 (Cth), as amended or replaced from time to time (the “Privacy Act” and “Privacy Laws”). 

This Policy explains:

• The kinds of personal information we collect;
• The purposes for which we collect this information;
• How we manage the personal information that we collect about you;
• How you can seek access to and correct that information; and
• If necessary, how you can make a complaint relating to our handling of that information. 

This policy does not limit our rights and obligations under Privacy Laws. 

This policy is not limited to current customers – it relates to all other individuals who deal with us, whether in relation to the provision of risk management services or otherwise.  By using our services or otherwise dealing with us, you are deemed to agree to our Privacy Policy.  

2. Information we collect from you 

2.1 When we collect Personal information 

We collect information about you and your interactions with us, for example, when you enquire, apply for, request or use our products or services, make a card payment or transfer money, phone us or visit our website.  When you use our website or mobile applications, we may collect information about your location or activity including your IP address, telephone number and whether you’ve accessed third-party sites.  Some of this website information we collect using cookies.  This may include information collected directly from you and information that you authorise us to collect from third parties.  It is not mandatory for you to provide us with the personal information that we may request – however if you do not do so it may affect the products and services that we can provide to you. 

2.2 The Personal Information we collect 

We will collect certain personal information about you depending on the circumstances in which the product or service is being applied for or provided. 

This information can include:

• Key personal information such as your name, residential and business addresses, telephone numbers, email and other electronic addresses;
• Financial and related information, such as bank account information (for billing purposes), and your employer information;
• Your transaction history (with us and our associates or relevant third parties). This information includes products you may have used with us in the past, your payment history, and the capacity in which you have dealt or deal with us; and
• Other relevant information – such as, but not limited to membership of professional bodies, and your role in an organisation.

2.3 Information we collect from others

We may collect information about you from others such as service providers, agents,  advisers, brokers, employers etc.

If you elect to use data integrations in connection with our service (such as cloud accounting integrations), you permit such services to access your Organisation’s data linked to the credentials you would provide. The service provider will access your information for the purpose of providing this organisational data to us.

The service provider may access transactional data from any account that is associated with the login credentials that you submit. This may include personal accounts as well as business accounts. Your provision of login credentials to utilise such service providers does not provide us with your login credentials or passwords nor the ability to access your account with those third party service providers.

Through the use of such service providers (when electronically permissioned by you), we will obtain data relating to I.T. subscriptions, hardware and related services and expenditure your Organisation uses to conduct its activities, for the purpose of providing our service to you. 

Should you agree to the use of such a service provider, you will be subject to their terms and conditions and privacy policy which will govern any act or omission of that service provider in connection with your use of that service.

2.4 Sensitive information

The Privacy Laws protect your sensitive information. If we need to obtain this type of information, we will ask for your consent, except where otherwise permitted by law.

2.5 Information about other people

If you provide any personal information to us about another person, you confirm that you have the authority of that person to share their information with us and to permit us to hold, use and disclose their information in accordance with this Privacy Policy.  You must inform them of their rights to access and request correction of their information set out below.

3. How do we use your information?

We use your information to:

• Establish your identity and assess applications for products and services;
• Price and design our products and services;
• Administer our products and services, including assessing whether to make any future offer to you, and generally carry out our business functions and activities or disclose your information to a third party with a product or service that may be reasonably of interest to you;
• Manage our relationship with you, including fulfilling our obligations and exercising our rights under any agreement with you;
• Conduct and improve our businesses and improve our customers’ experience;
• Manage our risks and help identify and investigate illegal activity, such as fraud;
• Contact you, for example to invite you to review our products and services, if we suspect fraud on your account or need to tell you something important;
• Comply with our legal obligations and assist government and law enforcement agencies or regulators; and
• For identification and provision of products or services offered by us, any of our Group members or any third parties that may reasonably be of interest to you (refer to section 3.1 below).

We may also collect, use and share your information in other ways where you have authorised us to do so or where permitted by law.

3.1 Direct marketing

We may use your information for direct marketing, including by email or other electronic means.  If you no longer want to receive direct marketing, you can tell us by using any of the methods set out in section 8.

3.2 Gathering and combining data to get insights

Improvements in technology enable organisations to collect and use information to get a more integrated view of customers and provide better products and services.  We may combine our customer information with information available from a wide variety of external sources (for example Bureau of Statistics data).  We are able to analyse the data in order to gain useful insights which can be used for any of the purposes mentioned earlier in this policy.  In addition, Group members may provide data insights or related reports to others, for example, to help them understand their customers better.  These insights and reports are based on aggregated information and do not contain any information that identifies you.

3.3 How we use cookies and other tracking technologies

We also use cookies to improve your user experience when using our website and to learn how you interact with our content.

4. Who do we share your information with?

We may share your information with other members of the Group, so that the Group may adopt an integrated approach to its customers.  Group members may use this information for any of the purposes mentioned in this section.

4.1 Third parties

We may share your information with third parties where this is permitted or required by law, or for any of the purposes mentioned in section 3.

Third parties can include:

• Your co-applicant(s) (if any);
• Group members based in Australia;
• Service providers, for example I.T. service providers, advisory firms, market research / data providers, and loyalty program redemption partners;
• Service providers to whom we outsource certain functions, for example, payment services, direct marketing, customer review tools, statement production and information technology support, some of whom may contact you on our behalf;
• Brokers, agents and advisers and persons acting on your behalf;
• Persons involved in arrangements that provide funding to us, including persons who may acquire rights to our assets, investors, advisers, trustees and rating agencies;
• Other insurance companies and financial institutions or their authorised representatives or partners, or another third-party organisation or partner, including where such entities provide products and/or services that may reasonably be of interest to you;
• Auditors, insurers and re-insurers;
• Government and law enforcement agencies or regulators;
• Entities established to help identify illegal activities and prevent fraud
• Overseas entities that provide products and services to us; and
• Any other parties that you authorise or that we are required or permitted by law to share information with.

4.2 Sending information overseas

Generally, we use customer service teams located within Australia.  However, we may send your information overseas, including to overseas Group members and to service providers or other third parties who operate or hold data outside Australia.  Where we do this, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place.  Please note that Australian law may not apply to some of these entities and the relevant entity may not be required to protect the information in a way that, overall, provides comparable safeguards to those in the Australian Privacy Act.

We may also send information overseas to complete a particular transaction or where this is required by laws and regulations of Australia or another country.

Where we send your information overseas, it is likely to be one of the following countries:

• Canada;
• India;
• Philippines;
• United Kingdom; and/or
• United States

Where we send your information to overseas Group members or service providers, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place.

5. Keeping your information secure

We store your hard-copy or electronic records on our premises and systems or offsite using trusted third parties.  We use reasonable endeavours to keep your personal information secure, however, this security cannot be guaranteed.

Our security safeguards include:

5.1 Staff Education

We train and remind our staff of their obligations with regard to your information.

5.2 Taking precautions with overseas transfers and third parties

If we send information overseas or use third parties that handle or store data, we take reasonable steps to ensure that appropriate data handling and security arrangements are in place.

5.3 System security

When you transact with us on the internet via our website or mobile apps we encrypt data sent from your computer to our systems.  We have firewalls, intrusion detection systems and virus scanning tools to help to protect against unauthorised persons and viruses accessing our systems.  When we send your electronic data outside the Group we use dedicated secure networks or encryption.  We limit access by requiring use of passwords and/or smartcards.

5.4 Building security

We have protection in our buildings against unauthorised access such as alarms, cameras and guards (as required).

5.5 Destroying data when no longer required

We keep information only for as long as required (for example, to meet legal requirements or our internal needs).

5.6 Your log-in details

You are advised to keep your log-in details private and confidential.  Your log-in details are your responsibility and we advise you not to share those details with any party.  You hereby acknowledge that any party that accesses your account does so as your agent and accordingly you agree to be bound by any transactions effected through their use of your account.   We are entitled to rely on any access to or use of your account without making any further enquiries.

6. Accessing, updating and correcting your information

6.1 Can I get access to my information?

You can ask for access to your basic information (for example what transactions you’ve made) by going online or email us.

6.2 Is there a fee?

There is no fee for making the initial request.  However, in some cases, where permitted by law, there may be an access charge to cover the time we spend locating, compiling and explaining the information you ask for.  If there is an access charge, we’ll give you an estimate up front and confirm that you’d like us to proceed.  Generally, the access charge is based on an hourly rate plus any other out-of-pocket expenses.  You’ll need to make the payment before we start, unless you’ve authorised us to debit your account.

6.3 How long does it take to gain access to my information?

We try to make your information available within 30 days of your request and we will respond to your request within 20 days.  Before we give you the information, we’ll need to confirm your identity.

6.4 Can you deny or limit my request for access?

In certain circumstances we’re allowed to deny your request, or limit the access we provide.  For example, we might not provide you access to commercially sensitive information.  Whatever the outcome, we’ll write to you explaining our decision.

6.5 Updating your basic information

It’s important that we have your correct details, such as your current address and telephone number.  You can check or update your information by going online or emailing us.

6.6 Can I correct my information?

You can ask us to correct any inaccurate information we hold or have provided to others by contacting us.  If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction.  We don’t charge a fee for these requests.

If we’re able to correct your information, we’ll inform you when the process is complete.

6.7 What if we disagree that the information should be corrected?

If we disagree with you that information should be corrected, we’ll let you know in writing our reasons.  You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date.  We will take reasonable steps to comply with such a request.

6.8 Can I ask you not to provide my information to my agent?

If you were introduced or applied to us through a third party or agent (your “Introducer”), we may provide them with basic information about the services we provide you and the charges we allocate to your account.  If you do not wish us to provide your information to your Introducer, you must advise us by contacting [email protected].

7. Making a privacy complaint

7.1 We’re here to help

If you have a concern about your privacy, you have a right to make a complaint and we’ll do everything we can to put matters right.

7.2 How do I make a privacy complaint?

To lodge a complaint, please get in touch with us set out in section 8.  We’ll review your situation and try to resolve it straight away. 

7.3 How do we handle a privacy complaint?

We acknowledge every complaint we receive and provide you with our name, a reference number and contact details of the investigating officer.  We keep you updated on the progress we’re making towards fixing the problem.

Usually, it takes only a few days to resolve a complaint.  However, if we’re unable to provide a final response within 45 days we’ll contact you to explain why and discuss a timeframe to resolve the complaint.

7.4 External review of privacy complaints

If your complaint is about the way we handle your personal information you may also contact:

The Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.gov.au or writing to the Office of the Australian Information Commissioner (“OAIC”), GPO Box 5288 Sydney NSW 2001.

8. How to contact us or find out more

For privacy related queries, access or correction requests, or complaints, or to request a printed version of this policy, please contact us via email at contact@ resoluterm.com.  Our customer service representatives are available Monday to Friday.

We aim to resolve your query or complaint at your first point of contact with us.

8.1 To update your direct marketing preferences or request not to receive direct marketing

You can email us at contact@ resoluterm.com.

For more information about the Australian Privacy Principles and credit reporting rules visit the Australian Information Commissioner (“OAIC”).

9. Amendments to this Privacy Policy

We may change this Privacy Policy at any time by changing or removing existing terms or adding new ones.  Changes may take the form of a completely new Privacy Policy.  We will tell you about any changes by posting an updated Privacy Policy on our website.  Any change we make applies from the date we post it on the website.  By continuing to use our services you will be deemed to agree to our updated Privacy Policy.