Last Update: 6 December 2024
Who are we?
‘We’, ‘us’ and ‘our’ refer to Mortgage Processing Services Pty Ltd ACN 608 519 044 trading as Broker Engine and its related entities (as defined in the Corporations Act 2001 (Cth)).
Our commitments to protect your privacy
We understand how important it is to protect your personal information. This document sets out our privacy policy commitment in respect of personal information we hold about you and what we do with that information.
We recognise that any personal information we collect about you will only be used for the purposes we have collected it or as allowed by law. It is important to us that you are confident that any personal information we hold about you will be treated in a way that ensures protection of your personal information.
Our commitment in respect of personal information is to abide by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Privacy Act) and any other relevant laws.
Personal information
When we refer to personal information we mean information from which your identity is reasonably apparent. This information may include information or an opinion about you.
The kinds of personal information we may collect about you include:
- (Content) whatever Personal Information is included in content Organisations enter using Provider’s Services;
- (Identity Information) name, signature, date of birth, nationality, license & registration details, bank account details and other financial details, family details, employment details, educational qualifications, usernames;
- (Contact Information) email address, social media profiles, telephone & fax number, third-party usernames, residential, Provider and postal addresses;
- (Behaviour Information) habits, movements, trends, decisions, associations, memberships, finances, purchases, loans;
- (Internet Data) webpage views, IP address, referring web site addresses, location, browser type, operating system, domain name, access times and other data typically collected by analytics services like Google Analytics.
and any other information we may need to identify you.
When you visit our website or use our applications, we collect your location information, IP address, mobile device and network information and any third party sites you access.
Why we collect your personal information
We collect and receive personal information about you in order to conduct our business including for the purposes of establishing your identity, contacting you, managing our risk, and to comply with our legal obligations. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. Improvements in technology also enable organisations like ours to collect and use information to get a more integrated view of our customers. From time to time we may offer you other products and services.
If you use our products and services or apply for employment with us we will collect information about you to assist us to decide whether to engage with you and to thereafter manage your relationship with us.
We collect payment information in order to process your payments.
How do we collect your personal information?
Where reasonable and practical we will collect your personal information directly from you. We may also collect information about you that is publicly available, such as from public registers or social media, or made available by third parties. We may also collect your personal information from employers and other people such as accountants, lawyers and referees.
Do we disclose your personal information?
We may disclose your personal information:
- to our agents, contractors or external service providers to outsource certain functions, for example information technology support;
- to businesses we have a relationship with that may want to market products to you;
- to companies that provide information and infrastructure systems to us;
- to anybody who represents you, such as aggregators, lawyers, guardians, persons holding power of attorney and accountants;
- to anyone, where you have provided us consent;
- to our auditors, insurers, re-insurers and health care providers;
- to claims related providers, such as assessors and investigators who help us with claims;
- where we are required to do so by law, such as under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 or in accordance with a subpoena or summons issued by a court;
- to organisations involved in our business, ratings agencies, agents, auditors or advisers, or any entity that has an interest in our business;
- to other financial institutions, for example for queries about applications you have submitted using our products or services;
- organisations that provide products or services used or marketed by us; or
- to your current or previous employer, referees or identity verification services.
Prior to disclosing any of your personal information to another person or organisation, we will take all reasonable steps to satisfy ourselves that:
- the person or organisation has a commitment to protecting your personal information at least equal to our commitment; or
- you have consented to us making the disclosure.
New technologies and data analytic software allows us to combine information we have about you and our other customers, with data sources, such as third party websites or the Australian Bureau of Statistics. We are able to analyse this data to learn more about you and other customers, and how to improve our products and service we provide to you. We may use this combined data to help other businesses better understand their customers, however we will not provide any personal information about you unless we are legally required to.
Notifiable Data Breaches
The Privacy Act includes a Notifiable Data Breaches (NDB) scheme which requires us to notify you and the Office of the Australian Information Commissioner (OAIC) of certain data breaches and recommend steps you can take to limit the impacts of a breach (for example, a password change).
The NDB scheme requires us to notify about a data breach that is likely to result in serious harm to affected individuals. There are exceptions where notification is not required. For example, where we have already taken appropriate remedial action that removes the risk of serious harm to any individuals.
If we believe there has been a data breach that impacts your personal information and creates a likely risk of serious harm, we will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps we are taking and what you can do to reduce the impacts to your privacy. If you believe that any personal information we hold about you has been impacted by a data breach, you can contact us at compliance@brokerengine.com.au
Direct marketing
From time to time we may use your personal information to provide you with current information about changes to our organisation, or new products or services being offered by us or any company with whom we are associated.
If you do not wish to receive marketing information, you may at any time decline to receive such information by emailing us at promotions@brokerengine.com.au. If the direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request within a reasonable timeframe.
Updating your personal information
It is important to us that the personal information we hold about you is accurate and up to date. During the course of our relationship with you we may ask you to inform us if any of your personal information has changed.
If you wish to make any changes to your personal information, you may contact us. We will generally rely on you to ensure the information we hold about you is accurate and complete.
Access and correction to your personal information
We will provide you with access to the personal and information we hold about you. You may request access to any of the personal information we hold about you at any time.
We may charge a fee for our costs of retrieving and supplying the information to you.
Depending on the type of request that you make, we may respond to your request immediately. Otherwise, we usually respond to you within seven days of receiving your request. We may need to contact other entities to properly investigate your request.
There may be situations where we are not required to provide you with access to your personal information, for example, if the information relates to existing or anticipated legal proceedings, or if your request is vexatious, or if the information is commercially sensitive.
An explanation will be provided to you if we deny you access to the personal information we hold about you.
If any of the personal information we hold about you is incorrect, inaccurate or out of date you may request that we correct the information. If appropriate we will correct the personal information. Otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected your personal or credit-related information within 30 days.
We may need to consult with other entities as part of our investigation.
If we refuse to correct personal information, we will provide you with our reasons for not correcting the information.
Using government identifiers
When we collect government identifiers, such as tax file numbers, we do not use or disclose this information other than as required by law. We will never use a government identifier to identify you.
Business without identifying you
In most circumstances it will be necessary for us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without providing us with personal information, for example, if you make general inquiries about our products or services.
Sensitive information
We will only collect sensitive information about you with your consent. Sensitive information is personal information that includes information relating to your racial or ethnic origin, political persuasion, memberships in trade or professional associations or trade unions, sexual preferences, criminal record, or health.
How safe and secure is your personal information that we hold?
We will take reasonable steps to protect your personal information by storing it in a secure environment. We may store your personal information in paper and electronic form. We will also take reasonable steps to protect any personal information from misuse, loss and unauthorised access, modification or disclosure.
Complaints
If you are dissatisfied with how we have dealt with your personal or information, or you have a complaint about our compliance with the Privacy Act, you may contact our complaints officer by email at complaints@brokerengine.com.au.
We will acknowledge your complaint within 24 hours. We aim to provide you with a decision on your complaint within 30 days.
If you are dissatisfied with the response of our complaints officer you may make a complaint to our External Dispute Resolution Scheme, the Australian Financial Complaints Authority (AFCA) which can be contacted by phone on 1800 931 678, by email at info@afca.org.au, or in writing to GPO Box 3, Melbourne VIC 3001; or the OAIC which can be contacted on either www.oaic.gov.au or 1300 363 992.
Further information
You may request further information about the way we manage your personal information by contacting us at compliance@brokerengine.com.au.
Change in our privacy policy
We are constantly reviewing all of our policies and attempt to keep up to date with market expectations. Technology is constantly changing, as is the law and market practices.
As a consequence, we may change this privacy policy from time to time or as the need arises. You can always find the most up-to-date version on our website (https://brokerengine.com.au/privacy-policy/).
You may request this privacy policy in an alternative form.
