ŠKODA Privacy Policy

ŠKODA Australia Privacy Policy

1. Introduction

This Privacy Policy sets out how ŠKODA collects, stores, uses and discloses personal information in accordance with the Australian Privacy Principles ("Principles") contained in the Privacy Act 1988.

The Principles govern the use of "personal information", which is information or an opinion about an identified individual or an individual who is reasonable identifiable. It need not matter that the information is correct or not or whether it is recorded in a material form or not.

This Privacy Policy describes the information that the Privacy Act requires us to communicate to all of our customers. We hope it helps you understand how we handle your personal information and deliver the protection that the Privacy Act affords. Please keep it for future reference.

2. Who are we

In this document 'ŠKODA' or ‘we’ or ‘us’ refers to Volkswagen Group Australia Pty Ltd (ABN 14 093 117 876) trading as ŠKODA. ŠKODA distributes and sells a range of vehicles, parts and accessories in Australia through its appointed dealer network.

3. What information do we collect and hold

ŠKODA may hold and collect the following personal information about you, may include:

  • contact information and identification such as your name, date of birth, telephone number(s), email address(es), residential and/or business address(es), ABN, demographic information (such as postcode, age, gender) and driver’s licence details;
  • vehicle warranty and servicing details provided by our dealer network, affiliates or third parties including vehicle registration, vehicle purchase details, name of your selling or servicing ŠKODA dealer, service appointment bookings, vehicle service and repair history (including in relation to warranty, repairs and recalls, if applicable), data collected as a result of on-board vehicle telematics;
  • information collected from marketing campaigns, product research, customer surveys, your interactions with ŠKODA including via social media, or publicly available information that you post or publish;
  • employment application information; and
  • any other relevant information.

If you choose not to provide us with your personal information, we may not be able to provide you with the services you require, or the level of service on which we pride ourselves.

Sensitive information: We will only collect sensitive information about you with your consent (unless we are otherwise allowed or required by law to collect that information). Sensitive information includes information about your health, race, ethnic origin and religious beliefs.

Providing someone else’s personal information: If you provide us with personal information about another person (such as a joint vehicle owner or authorised driver or contact person), please tell them about this Policy so they are aware that you have provided their information to us and that they can read this Policy to understand how their information will be handled.

Information we collect automatically

Whenever you visit or interact with ŠKODA’s website or other online platforms (“Platforms”), we, as well as any third-party service provider and/or advertiser, may use a variety of technologies that automatically or passively record information about how the Platform is accessed and used (“Usage Information”). Usage Information may include your IP address or other unique identifier for the device used to access a Platform ("Device Identifier"), browser type, “Device” type (computer, mobile phone, tablet or other device), operation system, application version, date and time of visit, pages viewed, preceding page views and your use of features or applications on the Platform such as interactions with connections or groups.

Usage Information helps us keep our Platforms relevant to users and allows us to tailor content to a user’s interests. Usage Information is generally non-identifying, but if we associate it with you as a specific and identifiable person, we will treat it as personal information.

We may use Device Identifiers to help us administer Platforms, diagnose problems with our servers, analyse trends, observe Platform usage and activity over time, help identify you and your shopping cart, and gather broad demographic information for aggregate use.

Cookies We or our external service providers may collect cookies from you (data files placed on a Device when it is used to visit a Platform) for security purposes, to facilitate site navigation and personalise your experience while visiting our Platforms (such as allowing us to select which ads or offers are most likely to appeal to you, based on your interests, preferences, location or demographic information).

Our cookies only contain de-identified information. To learn how you may manage cookies, or delete cookies that have already been installed, please refer to your browser’s help menu or instructions. If you disable or opt out of receiving cookies, some features and functions on our Platforms may not work properly. In addition, the offers we provide may not be as relevant to you or tailored to your interests.

Remarketing: We use search engines and social media to advertise our products and services online. Third party vendors, including but not limited to Google, Facebook, YouTube, Instagram use cookies to display relevant ads based on your past visits to our website. Remarketing allows us to tailor our marketing to better suit your needs and display ads that are relevant to you. We respect your privacy and any data collected will be used in accordance with this Privacy Policy, or the privacy policy of other remarketing services that we may use.

You can control your ad privacy settings by visiting:

myaccount.google.com/u/0/privacy?pli=1#ads .

4. Links to other websites

The ŠKODA website (and other materials we provide to you) may contain links to third party websites. The operators of those websites may have privacy policies and practices which differ from our own. ŠKODA is not responsible for the content of any external website or the privacy practices of any third party.

5. How we collect personal information

ŠKODA collects personal information in a variety of ways directly from you, including:

  • directly from you, when you interact with us in person or by telephone, electronic messages (including email and SMS) or other forms of communication;
  • directly from you, via our internet site (requests for information);
  • when you use data-collecting devices, products or systems;
  • from our dealer network when you purchase a vehicle or have your vehicle repaired;
  • from your agents or representatives who act on your behalf;
  • from competition entry forms, surveys or at our promotional activities or sponsored events;
  • directly from you, via our internet site (requests for information);
  • from third parties we contract to collect and/or manage data on our behalf;
  • from third parties who you have asked or permitted to provide your personal information (including those parties from whom you purchase goods and services);
  • from marketing organisations, including through the use of purchased lists;
  • from industry databases;
  • from publicly available sources such as the Internet and telephone directories; and
  • from law enforcement, dispute resolution, statutory and regulatory bodies.

6. How we use your personal information

Your personal information may be used in order to:

  • provide our products and services and those of our related companies and dealerships (whether directly or through our related companies and dealerships);market our products and services and those of our related companies and dealerships (whether directly or through our related companies and dealerships or third parties, such as search engines or social media);
  • communicate to you in relation to our products, services and our promotional activities (directly or through third parties such as search engines or social media);
  • providing customer assistance and support such as vehicle service reminders, service campaigns and assisting with warranty claims (whether directly or through our dealerships);
  • improving your customer experience and our marketing, including through data analytics, product planning, product development and research;
  • comply with our legal obligations (i.e. in the event of a Vehicle Safety Recall) , assisting government and enforcement bodies or regulators, or where otherwise required or authorised by or under law, or an order of a court or tribunal;
  • monitor our performance and to help us manage our services;
  • identify and contact individuals who do business with us;
  • train our employees, agents, dealers and representatives;
  • conduct customer and market research and analytics to improve the quality of our products and services;
  • assess and process employment applications and manage employment issues; and
  • handle complaints and disputes; and detect, investigating and preventing fraud.

We may contact and communicate with you either via telephone, post, facsimile, email or SMS.

We may publish (including by posting on social media) customer testimonials/ images/videos which may contain personally identifiable information. In each case, we will obtain the customer’s consent prior to publishing any content.


7. Direct Marketing

ŠKODA (including our dealers, agents and contractors if any acting on behalf of ŠKODA) may send you direct marketing to inform you about products or services, special offers, promotions and events that may be of interest to you. These marketing communications may include joint promotions with ŠKODA dealers or other promotion partners, and may be sent to you using any contact details provided by you, such as post, phone, email or SMS.

Your consent to receive direct marketing communications from ŠKODA in the above ways will be deemed if you do not opt out when you are offered the opportunity to do so, and will remain current on an ongoing basis unless and until you advise otherwise. If you do not want to receive such offers from us or do not want us to disclose your personal information to our related entities or dealerships for marketing purposes, you can opt out at any time by contacting us using our contact details provided below or by utilising the “unsubscribe” function in electronic communications. In some circumstances we may need to contact you to obtain additional information, verify your identity or to clarify your request, in order to action it.

If the law requires us to provide you with information about our products or services (for example, product recalls), we will provide that information even if you have elected not to receive information about our products and services generally.

8. When we disclose your personal information

We may disclose your personal information to organisations outside of ŠKODA. These organisations may include:

  • our appointed dealers;
  • outsourced service providers who manage services we provide to you including:
    - roadside assistance;
    - customer research;
    - financial services and insurance;
    - mailing systems and direct marketing; and
    - market research;
  • government, regularity and law enforcement authorities and organisations, as required or authorised by law;
  • our related body corporates;
  • the agent(s) of any of those entities referred to above;
  • your employer (where applicable); and
  • our advisors (including legal and accounting advisors).

Those entities are not authorised by us to use personal information for anything other than the purpose for which we supplied that information to them. We may also disclose personal information where you consent to us doing so. That consent may be written, verbal or implied from your conduct.

Outstanding service campaigns and recalls may be made available to subsequent owners (if any) and/or prospects. We do not disclose any personally identifying information about you to subsequent owners of your vehicle.

9. Disclosure to overseas recipients

Our related entities and some of our service providers (including information technology service providers) may be located overseas and, as a result, personal information collected and held by ŠKODA may be transferred overseas. The countries in which these recipients may be located will vary from time to time, but may include Germany, New Zealand, United Kingdom and the United States of America.

10. How we hold and store your personal information

ŠKODA may hold your personal information in a number of ways, including:

  • in our computer systems or databases, which may involve storing data on storage or computer systems provided by third party suppliers;
  • in paper records; and/or
  • in telephone recordings.

Where the information has been collected from our or your agent, or our service providers or dealerships, they may also hold copies of your personal information.

We may combine personal information we receive about you with other information we hold about you.

ŠKODA will store your personal information in a secure environment. It is protected by a combination of physical and technological measures. We have taken all reasonable steps to carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration or destruction. If you want more information about the way we manage the information we hold please contact us as we would be happy to provide you with further information on our processes. Our contact details can be found at the end of this document.

Help us to ensure we hold accurate information

ŠKODA takes reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. However, the accuracy of that information depends to a large extent on the information you provide. We recommend that you:

  • let us know if there are any errors in your personal information; and
  • keep us up to date with changes to your personal information such as your name and address.

You can access your personal information

You have a right to access your personal information, subject to some exceptions allowed by law. If you would like to access your information, please let us know. You may be required to put your request in writing for security reasons and in some circumstances we may need to charge a fee for searching for and providing access to your information.

You can generally access and request the correction of information we hold about you by contacting us in any of the ways set out at the bottom of this Privacy Policy. You may be required to put your request in writing for security reasons and in some circumstances we may charge an access fee to recover the reasonable costs incurred. This charge is only designed to help us reasonably recover the costs associated with providing you with access and does not apply to the making of the request. Before we act on a request, we will provide an estimate of the access fee and ask you to agree to it.

Access to your information may be refused in a number of circumstances, such as where the information relates to anticipated legal proceedings or if the request for access is frivolous or vexatious. If we deny or restrict your access, we will write to you to let you know why, unless, having regard to the grounds for the refusal, it would be unreasonable for us to do so. You may make a complaint about a refusal to the Office of the Australian Information Commissioner.

11. How to contact us

If you wish to notify us of your new contact details, update your personal information, opt out of direct marketing, make a complaint about a breach of privacy or have any questions in relation to the accuracy of your information or privacy, please contact our Information and Privacy Officer by:

Telephone
1800 060 936
8:30 am – 5:00 pm (AEST) Monday to Friday (excluding NSW Public Holidays)

Facsimile
(02) 9742 7280
Mark to the attention of the 'Information and Privacy Officer'

E-mail
privacy@volkswagen.com.au

Mail
Information and Privacy Officer
PO Box 5155 Chullora NSW 2190

Please include the identification number of your vehicle (VIN) in all correspondence. This number is 17 characters long and can normally be found on your registration documents.

12. Making a Complaint

If you believe that your privacy has been compromised, or if you feel that we have breached the privacy laws, you are entitled to make a complaint. Complaints can be made by contacting us using our contact details in the “How to Contact Us” section of this Privacy Policy.

You will need to provide us with details of your complaint and any supporting evidence and/or information. You will receive an acknowledgement from us no later than 7 business days after receipt of your written complaint.

We will investigate your compliant in accordance with our internal complaints resolution process and determine the steps (if any) that we will undertake to resolve your complaint. We will contact you if we require any additional information from you. You will be sent the final decision in writing no later than 20 business days after you contact us, if we have all the necessary information to make that decision.

If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or emailing enquiries@oaic.gov.au

13. Changes to our Privacy Policy

This Privacy Policy may be amended at any time. The updated version will be available by following the “Privacy Policy” link on ŠKODA’S website homepage, at www.skoda.com.au. You should check the Privacy Policy regularly for changes.

This Privacy Policy was last updated 30 May 2017.

ŠKODA Financial Services Privacy Policy

1. Document Summary & Purpose

The information in this document is our privacy and credit reporting policy. We simply refer to it in the remainder of the document as “Privacy Policy” or “this Policy”.

It sets out in detail how we manage the “Personal Information” and/or “Credit Information” of or about our customers, employees and other individuals we deal with in the course of our business activities.

We have defined the terms “Personal Information” in section 3 (“Personal Information” defined) and “Credit Information” in section 4 (“Credit Information” defined).

Amongst other things, our Privacy Policy contains information on:

  • Our names (section 2);
  • Why we collect information (section 5);
  • When we collect information (section 7);
  • Types of information we collect (section 3: “Personal Information” and section 4: “Credit Information”);
  • How we collect information (section 8);
  • Whose information we collect (section 6);
  • How we protect your information (section 13);
  • Sending information overseas (section 11);
  • Requesting access to your information (section 14); and
  • Contacting us when, for example, you wish to make a complaint or request access to your information (section 16).

1.1 Changes to Policy

We will make changes to this Privacy Policy as often as necessary without notice to ensure it remains relevant and effective in achieving its objectives and goals.

Any changes we make to this Policy will become effective immediately after we have published them and we will apply them to how we will manage the Personal Information or Credit Information of our customers in the future.

2. Our Names

We are Volkswagen Financial Services Australia Pty Ltd ABN 20 097 071 460 (“VWFSA”), a wholly-owned subsidiary of the global financial services organisation, VWFS AG, which is headquartered in Braunschweig, Germany.

In Australia, VWFSA uses various business names including “Volkswagen Financial Services”, “Audi Financial Services”, “ŠKODA Financial Services”, “Bentley Motors Financial Services”, “Lamborghini Financial Services” and “Volkswagen Group Leasing”.

In the remainder of this Policy, we refer to VWFSA or any of the above business names we use simply as “we”, “us” or “our”.

3. “Personal Information” Defined

Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is:

  • True or not; and
  • Recorded in a material form or not.

For the purposes of this Policy, Personal Information includes:

  • “Identification Information” (see the definition in section 17.5 (Identification information);
  • Financial information: examples are your income, expenses, commitments, debts, savings and investments;
  • Family status and dependants information: examples are whether you are married, single, in a de facto relationship and number and/or ages of children or persons you maintain;
  • Educational and technical qualification if you have applied for a job with us, or if you have applied for a business or contracting opportunity with us;
  • Immigration and visa status if you have applied for a job with us or if you have applied for a business or contracting opportunity with us;
  • Sensitive Information [see definition in section 17.11 (Sensitive information) below]; and
  • Credit Information.

4. “Credit Information” Defined

“Credit Information” is Personal Information that includes:

  • Consumer Credit Liability Information (see definition in section 17.1);
  • Repayment History Information (see definition in section 17.10);
  • Information Request (see definition in section 17.6);
  • Information about the type of consumer credit or commercial credit, and the amount of credit, sought in an application:
  • Default Information (see definition in section 17.4);
  • Payment Information (see definition in section 17.8);
  • Personal Insolvency Information (see definition in section 17.9);
  • Credit Worthiness Information (see definition in section 17.3); and
  • Serious Credit Infringement (see definition in section 17.12).

5. Reasons For Collecting Information

In general, we will only collect Personal Information that is reasonably necessary for us to achieve any or a combination of the primary purposes mentioned in section 5.1 and 5.2 below and the secondary purposes mentioned in section 5.3.

5.1 Primary purpose – assess applications & manage accounts

We collect, hold, use and disclose Personal Information for the following primary purposes, that is, to:

  • Assess and/or process your application for any of our products or services and advise you about its outcome;
  • Assess and/or process your application for employment with us and advise you about its outcome;
  • Assess and/or process your application to be engaged as an independent contractor for, or an external services provider to, us and advise you about its outcome;
  • Comply with your instructions from time to time if we establish an account with you, including sending you notices and updating your details;
  • Establish and manage any account we establish including;
  • Assist you to pay any amount due, payable or unpaid in relation to the product or service we have agreed to provide you;
  • Collect any amount due or unpaid in relation to the product or service we have agreed to provide you;
  • Pay your salary, wages or other moneys due or payable in relation to your employment contract and give you notices in connection with your employment with us; and
  • Pay or receive any amount due or payable in relation to any contract for services we have with you and give you notices in connection with the contract for services.

5.2 Primary purpose – to comply with law

We also collect Personal Information in compliance with our legal or regulatory obligations including those we have under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, the National Consumer Credit Protection Act 2009, the Corporations Act 2001, the Privacy Act 1988 (“Privacy Act”) and various Australian employment, taxation and immigration laws.

Furthermore, we will collect Personal Information if we are required by or under a court or tribunal order to collect that information.

If the collection of Personal Information is required by any other law or court or tribunal order, we will advise you of the relevant law or the details of the court or tribunal order at the time of collecting the information or as soon as practicable after we have collected the information.

5.3 Secondary purposes

We collect, hold, use and disclose your Personal Information for any or a combination of the following secondary purposes:

  • Tell you about our products or services unless you tell us to stop;
  • Share it with our brand partners Audi Australia Pty Limited, Škoda Pty Limited and Volkswagen Group Australia Pty Limited so that they can tell you about their products or services unless you tell us to stop;
  • Share it with the initial dealerships and/or authorised credit representatives that introduced you to us unless you tell us to stop.
  • Train our staff;
  • Conduct customer surveys unless you tell us to stop;
  • Conduct employee surveys unless you tell us to stop;
  • Undertake other direct marketing unless you tell us to stop;
  • Undertake market and product research unless you tell us to stop;
  • Develop and improve our products and services;
  • Design, implement, maintain, review, or test our business and information technology systems, processes, infrastructure or platforms;
  • Instruct our legal advisers, accountants, auditors, insurers or other external service providers;
  • Make reports to our senior management in Australia and in Germany;
  • Manage our risk exposures;

6. Whose Information We Collect

6.1 Individuals

In the remainder of this page, we will refer to the reader of this Privacy Policy or any individual’s whose Personal Information we collect, use, disclose and hold in connection with our business activities as “you” or “your”.

We will collect your Personal Information if you are an individual who:

  • Has applied for, or we have agreed to provide, any of our products or services;
  • Is a guarantor of the individual mentioned in (a) above;
  • Is a professional services provider (such as lawyer, accountant, financial counsellor) to, or is related to, next of kin, referee, witness or personal or legal representative of, the individual mentioned in (a) above;
  • Is an agent, director or authorised officer or employee of a body corporate including a business, organisation or agency, that has applied for, or we have agreed to provide, any of our products or services to;
  • Has applied for employment with us, or we have agreed to employ;
  • Is a referee of the individual mentioned in (e) above;
  • Has applied for to be engaged, or we have agreed to engage, to provide external services to us or to provide such services to;
  • Is a referee, current or past employer or professional services provider of the individual mentioned in (g) above; or
  • Is a visitor to any of places of business.

7. When We Collect Information

7.1 General

We will collect Personal Information (from you) in the following circumstances:

  • When the individual mentioned in section 6.1 (a) has applied for any of our products or services or during the course of that individual holding a product or service we have agreed to provide them;
  • When managing any account we have established in relation to a product or service we have agreed to provide the individual mentioned in section 6.1 (a) including collecting or attempting to collect any amounts due or payable in relation to any such product or service;
  • When the business, organisation or agency mentioned in section 6.1 (d) has applied for any of our products or services or during the course of that business, organisation or agency holding a product or service we have agreed to provide them;
  • When managing any account we have established in relation to a product or service we have agreed to provide the business, organisation or agency mentioned in section 6.1 (d) including collecting or attempting to collect any amounts due or payable in relation to any such product or service;
  • When any person, business, organisation or agency who is acting on your behalf (such as your accountant, lawyer, financial counsellor, power of attorney or other legal representative) or who you have entered into a contract with or proposing to enter a contract with (such as an insurer) provides your Personal Information to us in relation to a product or service we have agreed or we are proposing to provide you;
  • When you apply for employment with us or we have agreed to employ you;
  • When establishing or managing any account we have established if we have agreed to employ you;
  • When you apply for or we have agreed to enter into a contract for services with you;
  • When a business, organisation or agency you are acting for or you are a director, officer or employee of, has applied for a contract for services with us or we have agreed to engage that business, organisation or agency under a contract for services;
  • When establishing or managing any account in relation to the contract for services mentioned in 7.1 (h) and 7.1 (i) ;
  • When we are required by or under an Australian law, court or tribunal order or by a regulatory body to collect your Personal Information;
  • When you visit any of our places of business; and
  • When we are conducting a product or market research or a customer survey.

7.2 Credit Information

In addition to the circumstances mentioned in section 7.1 (General), we may collect Credit Information from a Credit Reporting Body (“CRB”) (as defined in section 17.2) when we are assessing a credit application you have made to us or you have made on behalf of a business, organisation or agency.

Also, we will collect and use Credit Information in our own records including information on your payments, repayments or default.

Furthermore, we will obtain Credit Information from other Credit Providers with whom you have or had a credit account.

Finally, we will collect your Credit Information from publically available sources including personal insolvency information entered or recorded in the National Personal Insolvency Index (as defined in the Bankruptcy Act).

8. How We Collect Information

8.1 Lawful, Reasonable & Transparent Means

We will only collect Personal Information by lawful, fair and transparent means. Except in a limited number of cases, we will collect Personal Information directly from you and with your consent.

8.2 You do not have to provide information

You are under no legal or moral obligation to provide Personal Information we ask for and we will not oblige you to provide Personal Information (see section 9).

8.3 Consequences for not providing information we request

If you fail or refuse to provide any Personal Information we ask for, we may not be able to do any or a combination of the things mentioned in section 5.1 (Primary purpose – assess product application and manage accounts) or section 5.2 (Primary purpose – to comply with law).

In some cases if we do not collect, use and/or disclose the Personal Information we ask for we may not only risk providing you an unsuitable product or service, but we may also be in breach of our legal or regulatory obligations.

8.4 Important Details about Credit Information

If the information we are collecting includes Credit Information:

  • We are likely to disclose your information to any or all of the following CRB’s as defined in section 17.2 (Credit reporting bodies):

(i) Veda Advantage Ltd - www.veda.com.au;

(ii) Dunn & Bradstreet Pty Ltd - www.dnb.com.au ;

(iii) Experian Australia Credit Services Pty Ltd - www.experian.com.au .

For contact details and information on how credit reporting bodies manage credit information, please see their privacy policies available at the links above.

  • CRB’s may include the information we disclose to them in reports provided to other credit providers as your Credit Worthiness Information [as defined in section 17.3 (Credit worthiness information)];
  • If you fail to meet your payment obligations in relation to a consumer credit contract you enter with us, or you commit a “Serious Credit Infringement” [defined in section 17.12 (Serious credit infringement)]), we are entitled to disclose this to the the CRB’s outlined in Section 8.4 (a);
  • You can contact the CRB’s outlined in Section 8.4 (a) to:

(i) Obtain their Credit Information management policy;

(ii) Request them not to use your credit reporting information for the purposes of pre-screening of direct marketing by a credit provider; and

(iii) Request them not to use or disclose your credit reporting information, if you believe on reasonable grounds that you have been, or you are likely to be, a victim of fraud; and

  • You can also contact us in relation to your Credit Information in any of the circumstances mentioned in section 16.1 (Reasons for contacting us)..

8.5 How we collect information

If reasonable and practicable, we will collect Personal Information or Credit Information directly from you:

8.6 Using third parties to collect information

In some cases, we may authorise another person, such as a motor vehicle dealership, a recruitment organisation or background checking service provider (if you have applied for a job, business or contracting opportunity with us) to collect your Personal Information on our behalf.

8.7 Collecting information from another person

With the exception of the circumstances mentioned in section 8.8 (Related organisations), we will only collect your Personal Information from another person with your express or implied consent. Some third parties from whom we may collect Personal Information include:

  • Your nominated accountant or financial counsellor;
  • Authorised motor vehicle dealerships;
  • Your nominated representative such as lawyer, power of attorney, trustee, any person who purports to be acting on your behalf or any person you have notified us as your referee or next of kin;
  • Professional or business referees you have advised to us;
  • A CRB (as defined in section 17.2) in some circumstances;
  • Another credit provider, financier or financial institution; and
  • Your insurer or broker.

Finally, we may collect Personal (other than sensitive) Information from someone else if it is unreasonable or impracticable to collect the information from you.

8.8 Related organisations

In some cases we may collect your Personal Information from an organisation or person that is related to us if the primary purpose for which that organisation or person collected your information in the first place was or is related to the primary purpose for which we would collect your information.

8.9 Unsolicited information

If we receive your Personal Information which we did not ask for and determine that we are not entitled to collect the information, we will take reasonable steps as soon as practicable to destroy or de-identify the information if it is not contained in a record or document of the Commonwealth government of Australia. If the information is contained in a record or document of the Commonwealth government of Australia we will attempt to return it to you, and failing that, we will return the record to the relevant Commonwealth government agency.

If we determine that we are entitled to collect the Personal Information we did not ask for and you are an existing customer of ours or you are a guarantor or a person acting on behalf of an existing customer of ours, we will advise you about the information and seek your consent to manage the information in accordance with the requirements of this Privacy Policy, unless we have obtained your consent on a previous occasion.

9. Anonymity & Psuedonymity

If it is lawful, practicable and reasonable when collecting Personal Information, we will give you the option of not identifying yourself or the option of your use of a pseudonym.

An example would be where we are conducting a customer, product or market survey or research and it is practicable to obtain the information we want for the purposes of that survey or research without the need for you to tell us your names, date or birth or residential address in particular.

10. Accuracy of Information

We will take all reasonable steps in the circumstances to ensure that Personal Information we collect from or about you is accurate, complete and up-to-date.

Accordingly, in some cases, we may ask you for an independent and reliable document or use an electronic data source to verify that the Personal Information you have given us is accurate, complete and up-to-date.

If we identify any discrepancy between information you provided us and information in an independent and reliable document or electronic data source, we will give you an opportunity to correct or reconcile the discrepancy, if it is reasonable or practicable for us to do so, before using the information for the purposes for which we have collected it.

We may terminate a product or service we have agreed to provide you, your employment with us or your business or contracting relationship with us if we find that Personal we relied on to offer you the product, service, job or business or contracting opportunity was not accurate, complete or up-to-date at the time we collected or used it.

11. Sending Information Overseas

From time to time, we will send data containing Personal Information to our parent and related companies.

Whilst it is not practicable to list every country in which recipients may be located, receipients of such disclosures are likely to include Germany Singapore and the United Kingdom..

12. Use or Disclosure for Permitted Purposes

We will use or disclose Personal Information we hold if:

  • The use or disclosure of the information is required or authorised by or under an Australian law or a court or tribunal order;
  • A “permitted general situation” (as defined in the Privacy Act) exists in relation to the use or disclosure of the information by us;
  • A “permitted health situation” (as defined in the Privacy Act) exists in relation to the use or disclosure of the information by us; or
  • We reasonably believe that the use or disclosure of the information is reasonably necessary for one or more “enforcement related activities” (as defined in the Privacy Act) conducted by, or on behalf of, an enforcement body.

13. How We Protect Your Information

13.1 General

The security of your Personal we hold is important to us and we take all reasonable steps in the circumstances to protect it from unauthorised access, misuse, interference, loss, disclosure or modification.

We keep Personal Information we hold in various formats including paper and electronic formats.

Some of the ways we secure your Personal Information are:

  • Imposing confidentiality of Personal Information requirements on our employees and persons or organisation we will disclose your Personal Intormation to;
  • Implementation of a document storage policy;
  • Password and username measures for access to our information technology and business systems;
  • Verification of customers before disclosing Personal Information;
  • Restrction of access to our buildings; and
  • Electronic security systems such as firewalls and data encryption on our websites.

We can store Personal Information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.

13.2 Destroying and de-identifying of information

In general, we will destroy Personal Information or any document or record containing Personal Information we no longer need the information or if we are not required by or under an Australian law to keep the information or the document or record beyond a required period.

If it is not practicable to destroy the information or the document or record containing the Personal Information, we will put the document “beyond use” (as defined in the Credit Reporting Code).

In some circumstances, we will “de-identify” Personal Information instead of destroying it including circumstances we are required by or under an Australian law to keep the information or the document or record.

14. Requesting Access To Your Information

14.1 General

You can request access to your Personal Information by contacting us [see section 16.1 (Reasons for contacting us) and section 16.2 (Our contact details)].

Also, you may use a third party (access-seeker) to make a request to us for access to your Personal Information.

14.2 Adequate verification before giving access

In whatever manner and whenever you contact us, we will verify your identity or that of any person you have authorised to be given access to your Personal Information before we agree to give access.

Also, if you authorise an access-seeker to request access to your Personal Information you must do so in writing before we can give them access.

We reserve the right to change our identity verification requirements from time to time without notice.

14.3 Period for giving access to Personal Information

We will endeavour to respond to your request for access to Personal Information within a reasonable period of time after the date we have verified your identity in accordance with section 14.2 (Adequate verification etc.).

If for any reason we cannot or we refuse to give access to your Personal Information within the above timeframe, we will give you a written notice that sets out the reason for the refusal and/or the reasons we are unable to provide access within the above timeframe. If necessary, we may request you to agree to an extension of time to give access.

Also, in any of the above circumstances, we will advise you of how you can make a complaint about our refusal to give access or our failure to give access within a reasonable time.

14.4 Period for giving access to Credit Information

For a request to access your Credit Information, we will endeavour to provide access to you within 30 days of receiving your request, unless unusual circumstances apply. In those circumstances, we will notify you with our reasons (if reasonable for us to do so) and advise you of your right to refer our refusal or failure to provide access within the timeframe to the Credit & Investments Ombudsman [see section 16.5 (Referral to EDR)] and/or to the Privacy Commissioner [see section 16.6 (Referral to Privacy Commissioner)].

14.5 If unreasonable to give access in a particular form

Your request for access may specify the form or manner you wish your information to be provided to you including whether you wish the information to be given to you over the telephone or in writing and by regular post, email or facsimile.

If reasonable or practicable, we will give you access in the form or manner you have specified.

If it is not reasonable or practicable to give you access in the form or manner you have requested, we will take steps that we consider are reasonable in the circumstances to give access in a way that meets both your and our needs, including, giving access through a mutually agreed intermediary.

14.6 Fees and charges

In general, we will not charge you a fee for making a request for access to your Personal Information.

Also, we will not charge you any fee for providing you a copy of this policy in a form you have requested if it is reasonable for us to provide the information in that form.

We may charge a fee for retrieving and preparing the information and/or giving it to you in the manner you have requested it to be provided to you. However, any such fee will not be excessive in the circumstances and will not apply to the making of the request.

We may ask you to pay any charge or fee before we can progress your request.

14.7 When we may refuse access

We will refuse you access to your Personal Information if:

  • We reasonably believe that giving you access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
  • Giving access would have an unreasonable impact on the privacy of other individuals;
  • Your request is frivolous or vexatious;
  • Your request relates to existing or anticipated legal proceedings between you and us, and you would not be able to gain access through a discovery process in those proceedings;
  • Giving access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
  • Giving access would be unlawful;
  • Denying access is required or authorised by or under an Australian law or a court or tribunal order;
  • Both of the following apply:

(i) We have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in; and

(ii) Giving access would be likely to prejudice our taking of appropriate action in relation to the matter;

  • Giving access would be likely to prejudice one or more enforcement related activities (as defined in the Privacy Act) conducted by, or on behalf of, a law enforcement body; or
  • Giving access would reveal evaluative information we have generated in connection with a commercially sensitive decision‑making process.

We may refuse to give access to your Credit Information if:

  • Giving access would be unlawful; or
  • Denying access is required or authorised by or under an Australian law or a court/tribunal order; or Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf or, an enforcement body.

15. Requesting Correction Of Information

15.1 Correcting inaccurate information ourself

If we are satisfied on reasonable grounds that the Personal Information we hold about you is inaccurate, out‑of‑date, incomplete, irrelevant or misleading, we will take appropriate steps to correct the information [see generally, section 10: (Accuaracy of informtion)].

If we correct your Personal Information we will take appropriate steps within 7 days of the correction, to notify you and any other person, organisation. If the information corrected is Credit Information, any “affected information recipient” (as defined in the Privacy Act) or “CRB” (, to which we had provided the pre-corrected information, that your information has been corrected.

15.2 Asking us to correct your information

You too can ask us to correct the Personal Information we hold about you if you consider the informtion is not accurate, up‑to‑date, complete, relevant or it is misleading or deceptive.

Also, you may request us to take reasonable, practicable or lawful steps to notify any other organisation to which we provided your Personal Information on a previous occasion, that we have corrected your information.

15.3 Timeframe for correcting Personal Information

If your request relates to Personal Information that is not Credit Information, we will respond to the requests within a reasonable period of time of receiving it.

15.4 Timeframe for correcting Credit Information

If the request relates to your Credit Information, we will respond to the request within 30 days from the date you make the request.

If we are not able to meet the above timeframe we will seek your written consent for an extension of time to respond to your request.

15.5 No fees for requests

We will not charge you any fees for making a request to us to correct your information.

15.6 If we refuse to correct information

If we refuse to correct your Personal Information, we will give you a written notice that sets out:

  • The reasons for the refusal except to the extent that it would be unreasonable to do so; and
  • Your rights to make a complaint about our decision including referring it to the Credit & Investments Ombudsman or to the Privacy Commissioner; and
  • Any other matter prescribed by regulations introduced under the Privacy Act to be mentioned in the written notice.

15.7 Request to associate statement

If we refuse to correct your Personal Information, you may request us to associate a statement with the Personal Information that you consider is inaccurate, out‑of‑date, incomplete, irrelevant or misleading.

Within a reasonable period of time after receiving your request, we will take any step that is reasonable, practicable and lawful in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.

We will not charge any fee for a request to associate a statement as described above.

16. Contacting Us

16.1 Reasons for contacting us

Amongst other things, you may contact us if you:

  • Do not wish your Personal Information to be collected, used and/or disclosed in accordance with this Privacy Policy;
  • Have any concern about our Privacy Policy generally;
  • Want us to provide our Privacy Policy to you in some other form;
  • Want to understand why we collected your Personal Information;
  • Wish to request access to your Personal Information;
  • Wish to request us to correct your Personal Information;
  • Wish to ask us to associate a statement with your Personal Information or following our refusal to correct such information;
  • Wish to make a complaint including a complaint:

(i) About how we have handled your Personal Information;

(ii) That a conduct of us amounts to the interference with your privacy (as defined in in the Privacy Act);

(iii) That we have breached a provision of the Privacy Act, the Credit Reporting Code or an Australian privacy principle or the credit reporting code;

(iv) About our refusal to give access to your Personal Information or our delay in responding to your request for access to such information; and

(v) About our refusal to correct your Personal Information or our delay in responding to your request to correct such information;

  • Wish to ask us to stop sending you direct marketing or promotional material;
  • Wish to ask us to stop sharing your Personal Information with our brand partners [see section 5.3 (b) (Secondary purposes)] above or for the purposes mentioned in that section; or
  • If you do not want to participate in a customer survey we have invited you to participate in.

16.2 Our Contact Details

You may write to or email us as follow:

Mail: The Privacy Officer

Volkswagen Financial Services Australia Pty Limited.

Locked Bag 4002, Chullora NSW 2190

Email: compliance@vwfs.com.au

Website: www.vwfs.com.au

16.3 Acknowledging requests and complaints

We will endeavour to acknowledge your request or complaint within 7 days after we have received it. Depending on the circumstances, we may acknowledge your request or complaint by phone, email, regular post or facsimile. A complaint in relation to Credit Informationwill be acknowledged by email, regular post or facsimile.

16.4 Request & Complaint Process

We will take reasonable steps to investigate the subject matter of your request or complaint. Such steps may include liaising with our external representatives who are familiar with the subject matter of the request.

If the request or complaint concerns Credit Information, we may consult with other external organisations or agencies in particular a relevant Credit Reporting Body [as defined in section 17.2 (Credit reporting body)], other credit providers and “affected information recipients" (as defined in the Privacy Act). Whether such consultation is necessary will depend upon whether we provided your information to those external organisations or agencies or whether we obtained your information from them.

Also, in some cases we may seek advice from our own legal or other professional advisors in relation to your request or complaint.

We will give you reasonable opportunity to present your case.

Any information we discover during the investigation stage will be analysed and evaluated before a decision is reached on the merits of your request or complaint.

You will be advised about our decision within the timeframes specified in this Policy if applicable to your request or complaint or within the timeframe specified in the Privacy Act or Credit Reporting Code.

If our decision is in writing, it will contain the reasons for the decision and information on your right to refer our decision to the Credit & Investments Ombudsman [see section 16.5 (Referral to EDR)] or to the Privacy Commissioner [see section 16.6 (Referral to Privacy Commissioner)] if you are not satisfied with the decision.

16.5 Referral to EDR

If you are not satisfied with our response to your request or complaint, you may refer it to the Credit & Investments Ombudsman, external dispute resolution (EDR) scheme of which we are a member.

The Credit & Investments Ombudsman’s contact details are:

Mail: Credit & Investments Ombudsman

PO Box A252

South Sydney NSW 1235

Fax: (02) 9273 8440

Website: www.cio.com.au

16.6 Referral to Privacy Commissioner

You may also refer our decision to the Privacy Commissioner if you are not satisfied with it. The Privacy Commissioner’s contact details are:

Mail: Privacy Commissioner

GPO Box 5218

Sydney NSW 2001

Telephone 1300 363 992

Email: enquiries@oaic.gov.au

16.7 Employee requests & complaints

Employees may make requests directly to the Human Resources team for access to their Personal Information.

Employees may also request the Human Resources team to correct their Personal Information if they consider the information we hold on them is not accurate, up‑to‑date, complete, or relevant or if they consider the information is misleading.

Within a reasonable time after we have corrected an employee’s Personal Information, we will advise any person, organisation or agency we provided the pre-corrected information to that the information has been corrected.

Alternatively, employees may log into their personal accounts in the pay roll system to correct their own Personal Information if they wish to do so.

Employees also have the right to make a complaint if they consider we have not handled their Personal Information appropriately including in accordance with this Policy or in accordance with the Australian privacy principles or the Privacy Act.

Employees may make privacy complaints directly to the Compliance and Operational Risk Manager or through our external whistle blower service provider whose website address is www.whistleblowing.com.au . Because of the inherent nature of privacy complaints, employees are advised that it may not be practicable for the Compliance and Operational Risk Manager or external whistle blower service providers to guarantee employees anonymity during the investigation of privacy complaints.

17. Definitions Of Some Terms Used In This Policy

The following definitions are based on the definitions in the Privacy Act. If there is any inconsistency between any definition in this section and a corresponding definition in the Privacy Act, the latter definition will apply.

17.1 Consumer Credit Liability Information

In relation to consumer credit provided to an individual the following information about the consumer credit is consumer credit liability information about the individual:

  • The name of the credit provider;
  • Whether the credit provider is an Australian credit licensee;
  • The type of consumer credit;
  • The day on which the consumer credit is entered into;
  • The terms or conditions of the consumer credit:

(i) That relate to the repayment of the amount of credit; and

(ii) That are prescribed by the regulations;

  • The maximum amount of credit available under the consumer credit;
  • The day on which the consumer credit is terminated or otherwise ceases to be in force.

17.2 Credit Reporting Body (“CRB”) or Credit Reporting Bodies (CRB’s)

Means organisation/s or an agency or agencies prescribed under the Privacy Act that are in the business of collecting, holding, using or disclosing Personal Information or Credit Information about individuals for the purposes of providing others information about the Credit Worthiness of an individual.

17.3 Credit Worthiness Information

Means a statement or opinion about your:

  • Eligibility to be provided with consumer credit;
  • History in relation to consumer credit; or
  • Capacity to repay an amount of credit that relates to consumer credit.

17.4 Default Information

Means information about a payment (including a payment that is wholly or partly a payment of interest) that you are overdue in making in relation to consumer credit provided to you and:

  • You are at least 60 days overdue in making the payment;
  • The Credit Provider has given you written notice requesting payment of the overdue amount;
  • The Credit Provider’s right to be paid the amount is not prevented by a statute of limitations; and
  • The amount is $150 or more or an amount prescribed by regulation.

17.5 Identification Information

For the purposes of this Policy, Identification Information includes your:

  • Current and previous names and aliases;
  • Date of birth;
  • Sex;
  • Current and previous residential addresses;
  • Photograph;
  • Signature;
  • Handwriting;
  • Voice recording;

i) Licence, permit or authorisation that contains any or a combination of the previously mentioned identification information;

  • Tax file number or some other “government related identifier” (as defined in the Privacy Act);
  • Current and previous employers’ names and business names.

17.6 Information Request

Means any information we have sought from a CRB (as defined in section 15.2) that relates to:

  • Your application for consumer credit made to us;
  • An application for commercial credit made to us; or
  • Assessing whether to accept you as a guarantor in relation credit provided or to be provided to another person.

17.7 New Arrangement Information

Means a statement that the terms or conditions of an original consumer credit we have provided to you has been varied or that we have provided you with a new consumer credit because of you had been overdue in making the payments under the original consumer credit.

17.8 Payment Information

Means a statement that on a specified date or day, you have paid in part or wholly an amount of an overdue payment we included in default information we had disclosed to a CRB (as defined in section 15.2).

17.9 Personal Insolvency Information

Means information about you entered or recorded in the National Personal Insolvency Index and relates to:

  • Your bankruptcy, a debt agreement proposal you have given or made;
  • Personal insolvency agreement you have executed;
  • A direction given, or an order made, under section 50 of the Bankruptcy Act that relates to your property; or
  • An authority signed under section 188 of that Act that relates to your property.

17.10 Repayment History Information

Means:

  • Whether or not an individual has met an obligation to make a monthly payment that is due and payable in relation to a consumer credit;
  • The day on which the monthly payment is due and payable;
  • If the individual makes the monthly payment after the day on which the payment is due and payable—the day on which the individual makes that payment.

17.11 Sensitive Information

Means:

  • Information or an opinion about your:

(i) Racial or ethnic origin;

(ii) Political opinions;

(iii) Membership of a political association;

(iv) Religious beliefs or affiliations;

(v) Philosophical beliefs;

(vi) Membership of a professional or trade association;

(vii) Membership of a trade union;

(viii) Sexual orientation; or

(ix) Criminal record;

  • Your health information; or
  • Your genetic information that is not otherwise health information;
  • Your biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
  • Your biometric templates.

17.12 Serious Credit Infringement

Means:

  • Any act on your part that involves fraudulently obtaining consumer credit, or attempting fraudulently to obtain credit from us;
  • An act on your part that involves fraudulently evading or attempting to fraudulently evade your obligations in relation to a consumer credit; or
  • Any act on your part:

(i) From which a reasonable person would consider indicates your intention to no longer comply with your obligations in relation to consumer credit we have provided to you; and

(ii) In relation to which the credit provider has, after all reasonable efforts, been unable to contact you about the act; and

(iii) At least 6 months have passed since we last had contacted you.