When you trust us with your personal information, you expect us to protect it and keep it safe
We are bound by the Privacy Act 1988 (Cth) ('Privacy Act') and will protect your personal information in accordance with the Australian Privacy Principles. These principles govern how we can collect, use, hold and disclose your personal information, as well as ensuring the quality and security of your personal information.
If you would like more information about how we protect your privacy, please contact us.
About this policy
When you apply for our products or services we may ask for identification information. This could include your name, address, contact details and date of birth. We may also collect your tax file number if we are authorised to collect it and if you choose to supply it. If you apply for insurance, we may collect information about what is being insured, the beneficiaries, and your health and financial situation, depending on the type of insurance.
Throughout the life of your product or service, we may collect and hold additional personal information about you. This could include transaction information or making a record of queries or complaints you make and, if you make an insurance claim, collecting additional information to assess the claim.
The collection of sensitive information is restricted by the Privacy Act. This includes information about your religion, racial or ethnic origin, political opinions, criminal record, and sexual orientation. It also includes health information and biometric information.
Generally, we only collect this sort of information if it is necessary to provide you with a specific product or service and you have consented to that collection. For example, we may collect health information about you to process a claim under an insurance policy or collect voice biometric information to verify your identity or authorise transactions.
The main reason we collect, use, hold and disclose personal information is to provide you with products and services. This includes:
- checking whether you are eligible for the product or service;
- assisting you where online applications are not completed;
- providing the product or service; and
- helping manage the product or service.
We may also use your information to comply with legislative or regulatory requirements in any jurisdiction, prevent fraud, crime or other activity that may cause harm in relation to our products or services and to help us run our business. We may also use your information to tell you about products or services we think may interest you.
We collect most personal information directly from you. For example, we will collect your personal information when you apply for or use a product or service or talk to us in person or on the phone.
We also collect information from you electronically. For instance, when you visit our website or whenever you apply for or access Westpac Group products and services electronically (see "Do we collect personal information electronically?").
Sometimes we collect personal information about you from other people or organisations. This may happen without your direct involvement. For instance, we may collect personal information about you from:
- other Westpac Group companies;
- publicly available sources of information, such as public registers;
- your representatives (including your legal adviser, mortgage broker, financial adviser, executor, administrator, guardian, trustee, or attorney);
- your employer;
- other organisations, who jointly with us, provide products or services to you;
- commercial information service providers, such as companies that provide fraud prevention reports; and
- insurers, re-insurers and health care providers.
We are required or authorised to collect:
- certain identification information about you by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1);
- your Tax File Number, if you choose to provide it, by the Income Tax Assessment Act 1936 (Cth);
- if you have applied for credit or provide a guarantee, certain information about your financial position under the National Consumer Credit Protection Act 2009 (Cth), and if you give us a mortgage security, certain identification information under property laws in some states and territories; and
- certain information in relation to your application if you have applied for an insurance as required by the Insurance Contracts Act 1984 (Cth).
Much of the information we hold about you will be stored electronically in secure data centres which are located in Australia and owned by either the Westpac Group or external service providers. Some information we hold about you will be stored in paper files. We use a range of physical and electronic security measures to protect the security of the personal information we hold. For example:
- access to information systems is controlled through identity and access management;
- employees are bound by internal information security policies and are required to keep information secure;
- all employees are required to complete training about information security; and
- we regularly monitor and review our compliance with internal policies and industry best practice.
We take reasonable steps to destroy or permanently de-identify any personal information after it can no longer be used.
We may share your personal information with other companies within the Westpac Group.
We may also provide personal information about our customers to organisations outside the Westpac Group. To protect personal information, we enter into contracts with our service providers that require them to comply with the Privacy Act. These contracts oblige them to only use the personal information we disclose to them for the specific role we ask them to perform.
Generally, we disclose personal information to organisations that help us with our business. These may include:
- our agents, contractors and external service providers (for example, mailing houses and technology service providers);
- authorised representatives and credit representatives who sell products and services on our behalf;
- insurers, re-insurers and health care providers;
- payment systems operators (for example, merchants receiving card payments);
- other organisations, who jointly with us, provide products or services to you;
- other financial services organisations, including banks, superannuation funds, stockbrokers, custodians, funds managers and portfolio service providers;
- debt collectors;
- our financial advisers, legal advisers or auditors;
- your representatives (including your legal adviser, accountant, mortgage broker, financial adviser, executor, administrator, guardian, trustee, or attorney);
- fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct;
- external dispute resolution schemes; and
- regulatory bodies, government agencies and law enforcement bodies in any jurisdiction.
We may also disclose your personal information to others outside the Westpac Group where:
- we are required or authorised by law or where we have a public duty to do so;
- you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
- we are otherwise permitted to disclose the information under the Privacy Act.
We may disclose your personal information to a recipient which is located outside Australia. This includes:
- Westpac Group companies located in China, India, Singapore, New Zealand, United Kingdom, United States;
- Westpac Group’s service providers which are likely to be located in New Zealand, Canada, United States, India, the Philippines, and China; and
- for international transactions, such as currency exchanges, we may need to disclose your information to the corresponding international party in order to process the transaction. The countries we disclose your information to will depend on the details of the transaction you ask us to carry out.
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by a member of the Westpac Group or one of its preferred suppliers. We may offer you products and services by various means, including by mail, telephone, email, SMS or other electronic means , such as through social media or targeted advertising through Westpac Group or non-Westpac Group websites.
We may also disclose your personal information to companies outside the Westpac Group who assist us to market our products and services to you.
If you don’t want to receive marketing offers from us please contact us.
We will collect information from you electronically, for instance through internet browsing, mobile or tablet applications.
Each time you visit our website, we collect information about your use of the website, which may include the following:
- The date and time of visits;
- Which pages are viewed;
- How users navigate through the site and interact with pages (including fields completed in forms and applications completed);
- Location information about users;
- Information about the device used to visit our website; and
- IP addresses.
We use technology called cookies when you visit our site. Cookies are small pieces of information stored on your hard drive or in memory. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience.
One of the reasons for using cookies is to offer you increased security. The cookies we send to your computer cannot read your hard drive, obtain any information from your browser or command your computer to perform any action. They are designed so that they cannot be sent to another site, or be retrieved by any non-Westpac Group site.
We won't ask you to supply personal information publicly over Facebook, Twitter, or any other social media platform that we use. Sometimes we may invite you to send your details to us via private messaging, for example, to answer a question about your account. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions.
Access to and correction of personal information
You can request access to the personal information we hold about you. You can also ask for corrections to be made. To do so, please contact us.
There is no fee for requesting that your personal information is corrected or for us to make corrections. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.
There are some circumstances in which we are not required to give you access to your personal information.
If we refuse to give you access to or to correct your personal information we will give you a notice explaining our reasons except where it would be unreasonable to do so
If we refuse your request to correct your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy
If we refuse your request to access or correct your personal information, we will also provide you with information on how you can complain about the refusal.
Westpac Lenders Mortgage Insurance
For mortgage products, lenders mortgage insurance may be required if your deposit is less than 20 per cent of the purchase price. Lenders mortgage insurance protects the lender if a borrower is unable to meet their mortgage repayments
Westpac Lenders Mortgage Insurance Limited (WLMI) is one of the lenders mortgage insurers that can provide this insurance. This policy only applies to the extent that WLMI uses your personal information for the purpose of deciding whether to provide lenders mortgage insurance in connection with your mortgage and for the purpose of administering any claims.
Resolving your privacy concerns and complaints - your rights
If you are concerned about how your personal information is being handled or if you have a complaint about a breach by us of the Australian Privacy Principles, please contact us.
We will acknowledge your complaint as soon as we can after receipt of your complaint. We will let you know if we need any further information from you to resolve your complaint.
We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five business days but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.
If you are unhappy with our response, there are other bodies you can go to.
The Financial Ombudsman Service (FOS) can consider most privacy complaints involving providers of financial services.
FOS can be contacted at:
Under the Privacy Act you may complain to the Office of the Australian Information Commissioner about the way we handle your personal information.
The Commissioner can be contacted at:
You can contact us by:
calling 132 032
visiting any of our branches or instores
writing to us at GPO Box 5265, Sydney NSW 2001.
XYLO customers can contact us by:
calling 1300 XYLO FX (1300 9956 39)
visiting our website www.xylo.com.au.
Our Privacy Officer can also be contacted in relation to privacy concerns by writing to GPO Box 5265, Sydney NSW 2001.
Meaning of words
We, us or our means:
- Westpac Banking Corporation (ABN 33 007 457 141)
- Altitude Rewards Pty Limited (ACN 099 127 376)
- Qvalent Pty Limited (ABN 71 088 314 827)
- Westpac General Insurance Limited (ABN 99 003 719 319)
- Westpac Lenders Mortgage Insurance Limited (ABN 60 074 042 934)
- Westpac Life Insurance Services Limited (ABN 31 003 149 157)
- Westpac Securities Limited (ABN 39 087 924 221)
- XYLO - A Division of Westpac Banking Corporation (ABN 33 007 457 141)
Westpac Group means Westpac Banking Corporation (ABN 33 007 457 141) and its related bodies corporate.