The last update to this document was 26 August 2021.
This policy applies to the following entities:
• Thundering Herd Pty Ltd ABN 22 603 726 085 AFS Representative Number 1239469 (an authorised representative of Acentus Pty Ltd ABN 38 603 726 530 AFSL 482717);
• Thundering Herd Funds Management Pty Ltd ABN 33 634 036 329 AFSL 519319;
• Thundering Herd Capital Pty Ltd ABN 84 634 036 169 AFS Representative Number: 001277225 (authorised representative of Acentus Pty Ltd ABN 38 603 726 530 AFSL no. 482717)
• Acentus Pty Ltd ABN 38 603 726 530 AFSL 482717,
(collectively referred to in this document as "the Group", "we", "us", "our").
We are committed to complying with the Privacy Act 1988 (Cth) and the Australian Privacy Principles as well as the Privacy Credit Reporting Code in relation to the personal information that we collect in the course of running our business.
Where applicable privacy laws provide for exceptions or exemptions, we may rely on those exceptions or exemptions in our information handling practices.
In this document:
• "APPs" means the Australia Privacy Principles set out in the Privacy Act;
• "credit-related personal information" means credit information and credit eligibility information (for further details, see section 5);
• "personal information" has the meaning set out in the Privacy Act, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise;
• "Privacy Act" means the Privacy Act 1988 (Cth); and
• "sensitive information" has the meaning set out in the Privacy Act, and includes certain specific types of personal information such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.
1. How we collect your personal information
We will collect and hold your personal information in a fair and lawful manner, and not in an intrusive way. Where it is reasonably practical to do so, we will collect your personal information (including credit-related personal information and sensitive information) directly from you. We may collect the personal information you directly give us through some of the following means:
If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
2. Types of personal information we collect
The types of personal information we collect about you depends on the circumstances in which the information is collected. Typically, the types of personal information we collect include (but is not limited to) your name, address, email address and phone number.
If you request or receive financial products or services from us, you sign up to our Websites or have any other commercial dealings with us, we may also collect:
If you are an individual contractor to us or apply for a role with the Group, we may also collect information relevant to your engagement with us including qualifications, length of engagement, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).
If you attend one of our premises, we may collect certain contact details that you provide to us including the date and time of attendance, and your image and/or voice through the use of CCTV systems we may have in place at our premises for managing security of the premises and health and safety of occupants and the public generally.
If you call us via telephone, we may monitor and in some cases record such telephone conversations for staff training, quality assurance and record-keeping purposes.
If you access our Website or our apps, we may utilise cookies to collect additional information about your use of our Website and apps. Please see the cookies section below for further details. If when you are on our Websites or our apps and you have provided us with permission to access your device location, we may collect information about your geographical location. If we communicates with you by email, we may use technology to identify you so that it will be in position to know when you have opened the email or clicked on a link in the email.
We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act. The main types of sensitive information we may collect include details of injuries (ie. health information) that may occur on our premises or details of disabilities or allergies (i.e. health information) you notify us of so we can accommodate any special requirements when you attend our premises. If you do provide sensitive information to us for any reason (for example, if you provide us with information about a disability you have), you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.
In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.
Where you do not wish to provide us with your personal information, we may not be able to provide you with requested products or services and/or certain functionality of our Websites.
3. Our purposes for handling your personal information
As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.
We may use or disclose your personal information for the purposes for which we collected it (and related purposes which would be reasonably expected by you), for other purposes to which you have consented and as otherwise authorised or required by law.
In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations. Some of the specific purposes for which we collect, hold, use and disclose personal information are as follows:
Section 5 describes our purposes for handling any credit related personal information.
4. Who we disclose your personal information to
We may also disclose your personal information in accordance with any consent you give or where disclosure is authorised, compelled or permitted by law.
If we disclose information to a third party, we generally require that the third party protect your information to the same extent that we do.
If you post information to certain public parts of our Websites, apps or our social media pages, you acknowledge that such information may be available to be viewed by the public. You should use discretion in deciding what information you upload to such platforms.
5. Credit reporting policy
Details of credit-related personal information we collect and why
The types of credit-related personal information that we collect and hold may include:
We may collect, hold, use and disclose your personal information including credit information and credit eligibility information for the following purposes:
We will only use or disclose your credit-related information for the purposes for which it was collected, with your consent or where we are required or permitted to do so by law. The types of persons we disclose your credit-related personal information to depend on the circumstances, however this may include credit reporting bodies and other credit providers; your guarantors or proposed guarantors; third parties, such as external debt collectors; our related entities; our contractors and agents involved in providing the financial products and services we provide to you; third parties for securitisation purposes; and such other persons where required or permitted by law.
See section 6 for details as to how we hold and protect any credit information or credit eligibility information we collect.
See section 10 for details as to whether we may transfer or disclose your credit information or credit eligibility information to entities located outside Australia.
Notifiable matters under the Privacy Credit Reporting Code
We may collect and disclose your personal information to credit reporting bodies (CRBs).
The CRB/s we use, including their contact details and how you can obtain a copy of their credit reporting policy details, are as follows:
A CRB may include the information we provide to them in reports to credit providers to assist them to assess your credit worthiness. If you fail to meet your payment obligations in relation to credit we have provided or commit a serious credit infringement, we may be entitled to disclose this to the CRB.
You may access the personal information (including credit eligibility information and credit information) we hold about you, request that we correct that information and may make a complaint if you believe we have not complied with our legal obligations regarding your information under the Privacy Act or the Privacy Credit Reporting Code. See sections 9 (Access and Correction) and 12 (Complaints handling process) below for further details.
You may request CRBs not to use their credit reporting information for the purposes of pre-screening of direct marketing by a credit provider. You may also request CRBs not to use or disclose credit reporting information about you if you believe on reasonable grounds that you have been, or are likely to be, a victim of fraud.
6. Protection of personal information
We will hold personal information (including credit information and credit eligibility information) as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers, which may be located overseas. We use a range of security measures to protect the personal information we hold, including by implementing IT security tools to protect our electronic databases.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
7. Direct marketing
Like most businesses, marketing is important to our continued success. We therefore like to stay in touch with customers and let them know about new offers and opportunities. We may provide you with information about products, services and promotions either from us, or from third parties which may be of interest to you, where:
You may opt out at any time if you no longer wish to receive direct marketing messages from us. You can make this request by contacting our Privacy Officer.
We may use third party vendors to show our ads on sites on the Internet and serve these ads based on a user’s prior visits to our Websites. We may also use analytics data supplied by these vendors to inform and optimise our ad campaigns based on your prior visits to our Websites.
9. Accessing and correction
You may contact our Privacy Officer (see section 13) to request access to the personal information (including credit eligibility information and credit information) that we hold about you and/or to make corrections to that information, at any time. On the rare occasions when we refuse access (which we will only do in accordance with applicable laws), we will provide you with a written notice stating our reasons for refusing access. We may seek to recover from you reasonable costs incurred for providing you with access to the personal information we hold about you.
We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.
We will respond to all requests for access to or correction of personal information within a reasonable time.
10. Overseas transfers and disclosures
We do not generally disclose personal information (including credit eligibility information and credit information) to recipients located outside Australia.
We collect information in relation to employees as part of their application and during the course of their employment, either from them or in some cases from third parties such as recruitment agencies. Such information may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).
Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship. We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.
12. Complaints handling process
When contacting us please provide as much detail as possible in relation to your question, concern or complaint.
We take all complaints seriously, and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
GPO Box 5218, Sydney NSW 2001
Telephone: 1300 363 992
13. Contact details of Privacy Officer
The contact details for our Privacy Officer are as follows:
Postal address: Level 27, 101 Collins Street, Melbourne VIC 3000
Our Websites may contain links to other websites operated by third parties. We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices and procedures.