Privacy Policy

We have created a privacy policy in accordance with the Privacy Act 1988 (Cth) to demonstrate our firm commitment to
privacy and the protection of your Personal Information. The following policy describes how our Company and its related
entities (‘we’, ‘our’ or ‘us’) handle your Personal Information.
Our obligations or permitted handling of Personal Information under privacy laws is not limited by this privacy policy. For
example, the Privacy Act allows us to rely on certain exemptions including in relation to employee records.

1. Collecting your Personal Information

a) Personal information we may collect‘Personal Information’ is information which identifies you as an individual. We collect both current and historical
Personal Information including but not limited to:

  • – Name, contact and address details
  • – Identification (eg, driver’s licence or passport you provide to us)
  • – Organisational affiliations
  • – Positions held
  • – Forms submitted
  • – Payment details
  • – Enquiry/complaint details
  • – Details of any injury or safety incident on any of our sites
  • – Results of drug and alcohol testing at our sites
  • – GPS tracking at our sites and between our sites (if any)
  • – Details of any gift or entertainment provided to you
b) How we may collect Personal Information

The Company collects Personal Information in different ways:
– from you directly when you contact, communicate and/or transact with us. For example, this occurs when we deal
with you in person over the phone or in store, when you send us correspondence (including via email and
facsimile), if you engage with us online or through business activities and events.
– from third parties including public sources, share registry service providers, information service providers, any of
our affiliated entities, the parties with whom we exchange information as described here and similar lists which are
legally acquired by us.
– we may also operate video and audio surveillance devices on our premises for purposes including security, safety,
training and dispute resolution.

c) How we may use your Personal Information

Your information may be used for a variety of purposes, relevant to both our relationship with you and the effective
conduct of our business. We may use your Personal Information for purposes which include but are not limited to:
– Administering our products and services to fulfil your orders
– Identifying and telling you about other products or services that we think may be of interest to you
– Conducting and improving our business, including product and service line offering, and improving the customer
experience
– Conducting market research and direct or other marketing of our products and services
– Considering and responding to your enquiries, requests and applications
– Collecting monies due to us, and claims made by you
– Managing our relationship with you
– Conducting injury and safety management
– Protecting our lawful interests

Your Personal Information makes it possible for us to do these things. For example, without it we may be prevented
from delivering our products and services, providing goods on commercial credit, communicating with you and/or
improving our product and service offering.
If you do not wish to receive direct marketing communications from the Company you can easily request not to
receive these communications by notifying us and we will remove your details from our marketing database.

d) How we may disclose your Personal Information

The Company is assisted by a variety of third parties that help us carry out our activities. Some examples of third
parties include:
– Our affiliated entities
– Subcontractors and service providers who assist us to provide products and services and to administer and
manage our business
– Your guarantors (where applicable)
– Your representatives in the course of conducting our business
– Transport Providers
The type of service providers we regularly engage include those that assist us with archiving, auditing, accounting,
customer contact, delivery, payment, debt collection, legal, business consulting, SaaS providers, banking, data
processing and analysis, information broking, investigation, insurance, website or technology services.
Your Personal Information may be disclosed with third parties when undertaking joint promotions. We may also
disclose your Personal Information to third parties transacting with the Company in relation to our assets or
businesses under an undertaking of confidentiality.

e) How we hold and store your Personal Information

We hold your Personal Information through secure electronic storage facilities as well as in paper format stored in
our offices.

f) Overseas disclosure of your Personal Information

We may disclose your Personal Information to service providers that are overseas, such as New Zealand,
Singapore, India and the United States of America. We will usually take reasonable steps to ensure that these
overseas third parties do not breach Australian privacy obligations in relation to your Personal Information

2. Hiring and recruitment

If you apply for a position with us, we may also collect information about your experience, character, qualifications and
screening checks (including background, health, references, directorship, financial probity, identity, eligibility to work,
vocational suitability and criminal record checks). Sensitive information will only be collected with your consent.
We collect, use and disclose your Personal Information to assess your application, conduct screening checks and
consider and contact you about positions available. Your Personal Information may be exchanged with academic
institutions, recruiters, screening check providers, health service providers, professional and trade associations, law
enforcement agencies, referees and your current and previous employers. We may not be able to further consider
you for positions with us without your Personal Information.

3. Employees and contractors

This section applies to our current and former employees and contractors in addition to the Hiring and Recruitment
section above. We may collect information relating to your current or former employment or engagement including
information about your:
– training, disciplining, performance, conduct, resignation and termination
– emergency contact details – use of our IT resources
– payroll matters, wage negotiation and matters incidental to those matters, union or professional/trade association membership
– recreation – drug/alcohol tests
– employment contract and employment policy matters
– leave and taxation
– banking or superannuation affairs
– workplace health and safety matters
Various laws require or authorise us to collect your Personal Information. These laws include the Fair Work Act,
Superannuation Guarantee (Administration) Act and Taxation Administration Act. We collect, use and disclose your
Personal Information for various reasons relating to your employment or engagement with us including engagement,
training, health and safety, administration, insurance (including Workers Compensation), superannuation, payroll and
staff management purposes.
We may exchange your Personal Information with your representatives (including unions) and our service providers.
We may not be able to effectively manage your employment or engagement without your Personal Information.
Where a current or former employee makes a claim under workers compensation law in any state or territory,
Personal Information will be collected and provided to the relevant statutory authorities and entities under legal
obligations imposed by the relevant state or territory.

4 Credit Reporting

a) What types of credit-related Personal Information will we collect?
The following section applies in addition to (and without limiting) the other parts of this Policy in connection with all
trading and customer commercial credit accounts with us.
When you apply to us for commercial credit or propose to be a guarantor of a commercial credit account we collect
credit-related Personal Information. This may include:
– identification information such as names, date of birth, gender, recent addresses, employer and driver’s licence
details
– the fact that any credit has been applied for, amount and type of credit
– details of current and previous credit providers
– credit limits and certain terms and conditions relating to credit arrangements
– records of previous information requests to credit reporting bodies (‘CRBs’) made by other credit providers,
mortgage insurers and trade insurers
– repayment history
– start and end dates of particular credit arrangements
– payment default information including information about related payment arrangements and subsequent
repayment
– information about adverse court judgments, publicly-available information relating to credit worthiness and
personal insolvency records from the National Personal Insolvency Index
– any credit providers opinion that there has been a serious credit infringement (e.g. fraud)
– information derived from CRBs (e.g. credit scores, ratings and assessments)
– information derived from trade credit insurers
– information we derive from the above information (e.g. our own credit scores, ratings and assessments)
– details of interests in property
b) How we collect credit-related Personal Information?
Credit-related Personal Information may be collected either directly or indirectly from third parties including the
CRBs listed below; records published by Australian Courts; information provided by trade insurers and other credit
providers (e.g. through credit references).
We may also collect credit-related Personal Information directly or indirectly from you or an authorised

representative assigned by your organisation including:
– when you or the authorised representative within your organisation applies for a commercial credit facility with us
– when you as a director of a company, owner of the business or in your own capacity as an individual, provide
personal guarantees as collateral for such a commercial credit facility
– when you or your organisation request an increase in an existing commercial credit facility and we require you to

complete an application to facilitate such a request- when you request access to, or correction of, your credit-
related Personal Information

c) How will we use and disclose your credit-related Personal Information?
We use your credit-related Personal Information for a variety of reasons. We may use this information (amongst
other things) to:
– assess a credit applicant’s eligibility to qualify for, or request an increase to, a commercial credit facility
with us
– determine the strength of an application by you to be a guarantor
– make our own assessments and ratings of your credit worthiness
– verify your identity
– manage the commercial credit facility, guarantee, account and our relationship with you effectively
– assist the CRBs to maintain records in relation to your credit worthiness
– obtain trade credit insurance
– collect overdue payments
We may also disclose your credit-related Personal Information to CRBs. If a credit applicant fails to meet their
payment obligations in relation to commercial credit or commits a serious credit infringement, we may disclose
this to a CRB. CRBs collect and exchange this information with third parties as permitted by law, this includes
credit providers like us and other credit providers.
d) How can you access or correct your credit-related Personal Information?
If you would like to access your credit-related Personal Information or to find out what Personal Information we
hold about you, please contact our Privacy Officer using the contact details provided below.
– Credit-related Personal Information held by a CRB or another credit-provider
– You can request access to, or correction of credit-related Personal Information held by a CRB or another
credit provider and we will seek to obtain a response from that CRB or other credit provider.
– Credit-related information held by us
You can request access to, or correction of, credit-related Personal Information held by us or make a complaint
in relation to our collection, use or disclosure of credit-related information. We will endeavour to acknowledge
receipt of your complaint, investigate and consult with any relevant associated entities (e.g., a CRB) within
applicable legally prescribed time limits.
e) What credit reporting bodies do we refer to?
We sometimes consult with credit reporting bodies to consider the creditworthiness of applicants for commercial
credit. The credit reporting bodies (CRBs) we refer to include:
Equifax Australia
Level 15, 100 Arthur St

Creditor Watch
Level 13, 109 Pitt St

Experian
Level 6, 549 St Kilda Rd
NCI
Level 2, 165 Grenfell St
Illion
Level 2, 143 Coronation Dr

North Sydney NSW 2060
Tel: 1300 921 621
www.equifax.com.au

Sydney NSW 2000
Tel: 1300 501 312
www.creditorwatch.com.au

Melbourne VIC 3004
Tel: 03 9699 0100
www.experian.com.au

Adelaide, SA 5000
Tel: 1800 882 820
www.nci.com.au

Milton QLD 4064
Tel: 07 3360 0600
www.illion.com.au
Contact these listed CRBs or visit their websites if you wish to see to see their policies regarding the
management of credit-related information, including details of how to access or correct your credit-related
Personal Information they hold. You also have the right to request CRBs not to:
– use or disclose credit-related Personal Information, if you have been or are likely to be a victim of fraud; and
– use your credit-related Personal Information to determine your eligibility to receive direct marketing from
credit providers.

5. Security of your Personal Information

The Company takes reasonable steps to ensure that your Personal Information is stored securely and has security
measures in place to protect against the loss, misuse, interference, unauthorised access and alteration of the Personal
Information held. The Company’s staff are required to treat sensitive information as confidential. If your Personal
Information is no longer required by the Company, it will take reasonable steps to destroy that Personal Information or
ensure it is de-identified.

6. Using our online facilities

When you use our websites and online tools, information may be collected including, but not limited to, pages/sections
accessed, information downloaded or the date and time of your use of our online facilities. We use this information for
statistical, reporting, administration and maintenance purposes in relation to our online facilities.
We collect some of this website information using cookies. A ‘cookie’ allows a web browser to transfer data over to a
computer or device for recordkeeping and other purposes. We use cookies to maintain the continuity of your browsing
session serving you with more tailored information to facilitate the ongoing access and use of our online facilities.
If, for any reason, you do not wish to take advantage of cookies you can configure your browser to reject cookies.
However, this may reduce or render un-useable some of the features of our online facilities.
We are subject to laws requiring us to protect the security of Personal Information once it comes into our possession.
However we are not responsible for the privacy practices or policies of links to other websites and online services.
Please be aware that information may be insecure in transit, particularly where no encryption is used (e.g. email,
standard HTTP).

7. Corrections, complaints, access and further enquiries

Please contact our Privacy Officer by emailing nat.credit@auscm.net or calling +61 (02) 9024 4313 if you would like to:
– access your Personal Information or find out what information we have on you
– find out more about our information handling practices
– raise any privacy concerns or complaints
– request that information about you which is not accurate, complete or up to date be corrected

We will respond to requests within a reasonable period of time. The Company reserves the right to charge a
reasonable fee for searching and providing you access to your Personal Information.
In some circumstances it may not be possible for us to correct or provide access to your Personal Information in the
manner that you have requested. If such a situation arises, we will notify you in writing and tell you why (except to the
extent where it would be unreasonable for us to do so).

8. Changes to the Privacy Policy

This Privacy Policy will be amended and updated from time to time. Any changes to this Policy will be notified by an
announcement on our website. The date on the bottom of this page indicates when this Policy was last updated.