Privacy Policy

1. Introduction

This Policy applies to Finstra Pty Ltd (ACN 107 054 240) (referred to as ‘Finstra’, ‘we’, ‘our’, ‘us’) and extends to and covers all operations and functions of those organisations.

All third parties (including clients, suppliers, sub-contractors, or agents) that have access to or use personal information collected and held by Finstra must abide by this Privacy Policy. Finstra makes this Policy available free of charge and can be downloaded from its website

This Policy outlines Finstra’s obligations to manage and protect personal information. Finstra is bound by the Australian Privacy Principles (‘APPs’), the Privacy Act 1988 (‘Privacy Act’) and the Privacy Amendment (Notifiable Data Breaches) Act 2017. This Policy also outlines Finstra’s practices, procedures and systems that ensure compliance with the Privacy Act and the APPs.
In this Privacy Policy:

‘Credit information’ is personal information (other than sensitive information) that relates to an individual’s credit history or credit worthiness, and is further defined in the Privacy Act.
‘Disclosing’ information means providing information to persons outside Finstra;
‘Individual’ means any persons whose personal information we collect, use or disclose.
‘Personal information’ means information or an opinion relating to an individual, which can be used to identify that individual;
‘Privacy Officer’ means the contact person within Finstra for questions or complaints regarding Finstra’s handling of personal information;
‘Sensitive information’ is personal information that includes information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, and also includes health information; and
‘Use’ of information means use of information within Finstra.

2. What kind of personal information do we collect and hold?

We collect and hold the following kinds of personal information about individuals:
phone numbers;
email addresses;
bank account details;
drivers’ licence details
statement of assets and liabilities
superannuation statements
credit information (if expressly authorised by the individual); and
any other information that is relevant to the services that we provide.

3. How we collect personal information

We generally collect personal information directly from the individual. For example, personal personal information will be collected when an individual opens an account with us, visits our website, or sends us correspondence. Sometimes we may collect personal information about the individual from a third party. When we are provided with personal information from a third party, we will take reasonable steps to ensure that the individual is or has been made aware of the matters set out in this Privacy Policy. An individual may also appoint us as their agent to obtain credit information about them from a credit reporting body or credit provider, to assist us in providing our credit assistance services to them.

Finstra will not collect sensitive information unless the individual has consented or an exemption under the APPs applies. These exceptions include if the collection is required or authorised by law or necessary to take appropriate action in relation to suspected unlawful activity or serious misconduct.

If the personal information we request is not provided by an individual, we may not be able to provide the individual with the benefit of our services, or meet their needs appropriately.

Finstra does not give individuals the option of dealing with them anonymously, or under a pseudonym. This is because it is impractical, and in some circumstances illegal, for Finstra to deal with individuals who are not identified.

4. Unsolicited personal information

Finstra may receive unsolicited personal information about individuals. Finstra’s employees are required to notify the Privacy Officer of all unsolicited personal information received by them. We destroy all unsolicited personal information, unless the personal information is relevant to Finstra’s purposes for collecting personal information.

5. About whom do we collect personal information?

The personal information we may collect and hold includes (but is not limited to) personal information about the following individuals:

clients; potential clients;
service providers or suppliers;
prospective employees, employees and contractors; and
other third parties with whom we come into contact.

6. Website collection

We collect personal information from our web site ( when we receive emails and online forms. We may also use third parties to analyse traffic at that web site, which may involve the use of cookies. Information collected through such analysis is anonymous.Our website privacy policy can be accessed by clicking on the privacy button on our website.
We also know that some customers like to engage with us through social media channels. We may collect information about you when you interact with us through these channels. However for all confidential matters, we’ll ensure we interact with you via a secure form.

7. Security of your personal information

Finstra takes reasonable steps to ensure the security of your personal or company information from unauthorised access, theft or modification.

In the extremely unlikely event that Finstra suspects that there has been a data breach that may cause you serious harm, we will take all reasonable steps to assess if your data has been accessed or lost, and if this information being accessed or lost may cause you serious harm. This assessment will always be completed expeditiously and within 30 days.

If Finstra finds that there has been a data breach that has the potential to cause you serious harm, this will be reported to the Office of the Information Commissioner and you directly.

8. Feedback on the handling of your personal information

Should you be unsatisfied in the manner in which Finstra has handled your personal information please contact us (per details listed above). We will take all necessary steps to investigate and address your concerns. If the issue you have raised is not resolved to your satisfaction you should contact the Office of the Australian Information Commissioner at:

Ph: 1300 363 992
Mail: GPO Box 5218

You can learn more about the Privacy Act and your rights at


Subscribe to our newsletter

Receive our free eBook

Register your details and keep up to date with the latest news.
We hate spam too. Your email is safe with us.

* Required fields