- Citi Australia Credit Reporting Policy
Citi Australia's Credit Reporting Policy
This policy sets out Citigroup Pty Limited's and Diners Club Pty Limited's (collectively "Citi Australia") approach to the collection, handling and disclosure of your consumer credit-related information, including information about your credit applications and credit accounts with us and your credit reporting information that we obtain from credit reporting bodies (CRBs).
This policy is relevant to current and former credit customers, as well as other individuals we deal with in connection with credit we provide (such as guarantors and directors).
We collect, hold and disclose various types of credit-related information, including:
- your current and prior names and addresses, age, occupation (including the name of your employer) and your driver's licence number;
- that you have applied for consumer or commercial credit (including the name of each relevant credit provider), the type and amount of that credit and the fact we have accessed your consumer credit information to assess a relevant application;
- that we and other credit providers are or have been a provider of credit to you and the type, characteristics and maximum amount of credit that we have provided or will provide;
- the date that any credit contract we or other credit providers have or had with you was entered into and the date that it is terminated or otherwise ceases;
- your repayment history i.e. whether in relation to credit facilities provided by us or other credit providers, you have made payments when due and if not when overdue payments have been made;
- payments owed to us or another credit provider, in connection with credit provided to you or in relation to which you are a guarantor, overdue for more than 60 days (and, if you subsequently repay any such overdue payment, the fact of that repayment);
- whether in our or another credit provider's opinion you have committed a serious credit infringement;
- whether you have entered into arrangements with us or other credit providers in connection with credit provided to you;
- court proceedings information, personal insolvency information and credit-related publicly available information;
- scores, ratings, summaries, evaluations and other information relating to your credit worthiness which is derived by us or by CRBs wholly or partly on the basis of the information above;
- certain administrative information relating to credit, such as account and customer numbers.
While the Privacy Act uses a variety of terms to refer to the information above, to make it easier to read this policy, we refer to it below collectively as "credit information".
This information may be collected in a number of ways including:
- where provided by you directly to us or by persons acting on your behalf (such as on applications or other forms);
- where provided by credit reporting bodies and other credit providers;
- where such information is in the public domain;
- and where such information is derived by us from your usage and (where applicable) repayment of any account held with us or other credit providers associated with us.
We may hold your credit information in physical form or in electronic form on our systems or the systems of our service providers.
The credit information we hold about you is protected by physical, electronic, and procedural safeguards and we also require our service providers that hold and process such information on our behalf to follow appropriate standards of security and confidentiality.
We train people who work for us on how to handle credit information appropriately and we restrict access to what is necessary for specific job functions.
We may collect, hold, use and disclose your credit information as reasonably necessary for our business purposes and as permitted by law. These purposes include:
- to form decisions as to whether to provide you, or an entity associated with you, with credit or to accept you as a guarantor;
- to derive scores, ratings, summaries and evaluations relating to your credit worthiness which are used in our decision-making processes and ongoing reviews;
- to manage credit we may provide, including to determine whether you are eligible to receive particular offers and invitations, to deal with our mortgage insurers and to develop our services and maintain and develop our systems and infrastructure;
- to participate in the credit reporting system and providing information to CRBs as permitted by Part IIIA of the Privacy Act and the Credit Reporting Code;
- to undertake securitisation activities;
- to assist you to avoid defaulting on your credit-related obligations;
- to undertake debt recovery and enforcement activities, including in relation to guarantors, and to deal with serious credit infringements;
- to deal with complaints and meet legal and regulatory requirements; and
- to assist other credit providers to do the same.
(Some credit information may only be used or disclosed under the Privacy Act for some of these purposes or in some circumstances).
We may disclose your credit information to CRBs for purposes such as those described above where the Privacy Act permits us to do so. For example, if you fail to meet your payment obligations in relation to consumer credit provided by us or if you commit a serious credit infringement we may be entitled to disclose this to CRBs.
CRBs may include credit information provided by us in reports provided to credit providers to assist them to assess your credit worthiness.
We share credit information with the following CRBs:
Veda - Customer Resolutions
PO Box 964
(for Veda Advantage's most up-to-date contact details please visit their website at www.mycreditfile.com.au)
You may obtain a copy of Veda Advantage's policy about their management of credit reporting information. To do so, please contact them or visit their website.
Experian Australia Credit Services Pty. Ltd.
Attn: Credit Report
PO Box 1969
(for Experian's most up-to-date contact details please visit their website at www.experian.com.au)
You may obtain a copy of Experian's policy about their management of credit reporting information. To do so, please contact them or visit their website.
Dun and Bradstreet
Attn: Public Access Centre
PO Box 7405
(for Dun & Bradstreet's most up-to-date contact details please visit their website at www.dnb.com.au)
You may obtain a copy of Dun & Bradstreet's policy about their management of credit reporting information. To do so, please contact them or visit their website.
Opting out of direct marketing pre-screenings:
A CRB may use your credit reporting information to assist a credit provider to market to you by pre-screening you for direct marketing by the credit provider. This process is known as a "pre-screening". If you do not want any of the CRBs listed above to use your information for the purpose of pre-screening, you have the right under the Privacy Act to request that they exclude you by contacting them.
If you are a victim of fraud (including identity-related fraud):
You are entitled under the Privacy Act to request that a CRB not use or disclose credit reporting information they hold about you in circumstances where you reasonably believe that you have been or are likely to be a victim of fraud, including identity-related fraud. The period while this applies is called a "ban period". You can make such a request to any of the CRBs listed above.
We may as permitted by law also share credit information with third parties, including:
- other credit providers;
- our related companies;
- organisations that perform credit assessment, management and debt collection activities on our behalf;
- current or prospective guarantors or security providers in relation to credit we are providing to you;
- mortgage insurers;
- organisations involved in debt assignment or securitisation arrangements.
(In some circumstances we may require your consent before being able to make such disclosures).
Some of these recipients may be located outside Australia. It is not reasonably practicable to list all of the countries to which your information may be disclosed from time to time but it is likely that such countries will include Singapore, India, Malaysia, the Philippines and the United States of America.
You are entitled under the Privacy Act to access the credit information we hold about you (in a manner you request, if this is reasonable and practicable). You can make the request in a letter or by telephone if you prefer. To make such a request please see our Credit Corrections Team contact details below.
Citi Privacy Officer
GPO Box 204, Sydney NSW 2001
We will need to validate the identity of anyone making an access request, to ensure that we do not provide your information to anyone who does not have the right to that information.
If you are seeking information on another person's behalf, we will require written authorisation from that Individual.
We will usually provide you with access within 30 days of a request but in some circumstances it may take longer.
Your rights to access your credit information are subject to some limitations (for example, we do not have to provide you with access to the extent it would be illegal to do so and we may need to give you access in a way that preserves the confidentiality of any methodology, data analysis methods, computer programs or other information used by us to derive relevant information).
If access is refused, we will give you a notice explaining our decision to the extent practicable and your options.
There is no charge for making an access request but an administration charge may apply for providing access in accordance with your request.
If you believe that any credit information held by us about you is not accurate, complete or up to date you have the right under the Privacy Act to request that we correct that information.
If you would like to do so please contact the Credit Corrections Team using the contact details above.
If you are seeking to correct information on another person's behalf, we will require written authorisation from that Individual.
We will normally try to resolve correction requests within 30 days of your making a request. If we need more time to resolve your request we will notify you in writing as to the delay and seek your agreement to a longer period. If we consider it necessary in order to deal with your request, we may consult with a CRB or another credit provider.
If we do not agree with a request to correct credit information we hold about you we will give you notice in writing as to our reasons and the mechanisms available to you to complain about our decision.
There is no cost involved for you to make a correction request or for the correction of your information.
If you have reason to believe that we have not complied with our obligations relating to your credit information under Part IIIA of the Privacy Act and the Credit Reporting Code, please raise this with our Customer Advocacy Unit. There are three ways you can lodge your complaint:
Mail your written complaint to:
Citigroup Pty Limited
Customer Advocacy Unit
GPO Box 204, Sydney NSW 2001
Email us at any time at email@example.com
You will receive an acknowledgment of your complaint as soon as practicable and in any case within 7 days after we receive it.
We will investigate all complaints and aim to resolve them within 30 days. If we cannot resolve your complaint within this period we will notify you as to the reasons why, specify a date when we expect a resolution and seek your agreement to extend this 30 day period (if you do not agree, we may then not be able to resolve your complaint).
If we consider it necessary in order to deal with your complaint, we may consult with a CRB or another credit provider. If, while the complaint remains unresolved, we are disclosing information subject to the complaint to a third party, we may advise the third party about the complaint.
If we find a complaint justified, we will resolve it. If necessary, we will change policies and procedures to maintain our high standards of performance, service and customer care.
If you are not happy with the way your privacy-related complaint is being handled, you can also contact the Citi Privacy Officer using the contact details below.
If we fail to deal with your complaint to your satisfaction you may refer the complaint to the relevant external dispute resolution (EDR) scheme as set out below.
Citigroup Pty Limited's EDR scheme is the Financial Ombudsman Service (FOS). You can contact FOS at:
Financial Ombudsman Service Limited
GPO Box 3
Melbourne VIC 3001
1300 78 08 08
Diners Club Pty Limited's EDR scheme is the Credit Ombudsman Service Limited (COSL). You can contact COSL at:
Credit Ombudsman Service Ltd
PO Box A252
1800 138 422
If you wish to find out more information, or raise any specific or general concerns, about our Credit Reporting Policy or credit reporting practices, our contact details are as follows:
Citi Privacy Officer
GPO Box 204, Sydney NSW 2001
Email us any time firstname.lastname@example.org
Please do not include account numbers or other sensitive data in emails, since it may not be secure.