The purpose of this policy (Policy) is to establish guidelines for the handling, collection and protection of Credit Reporting and Credit-Related Personal Information in compliance with Australian laws and regulations. This Policy outlines the practices followed by Coates Hire Operations Pty Ltd (our, us, we) to ensure we respect individuals’ rights and handle credit-related data with the highest standard of confidentiality, security and transparency.

This Policy applies to all employees, contractors and third-party service providers who collect, process or have access to Credit-Related Personal Information. It also applies to all individuals whose Credit-Related Personal Information is collected, processed or maintained by us, including customers, clients or applicants in Australia.

• Credit-Related Personal Information or Credit Information means any personal information that is used for assessing creditworthiness, including but not limited to, credit reports, credit scores, payment history, outstanding debt information and credit limits.
• Credit Reporting means the process of obtaining, using or sharing credit-related information for the purpose of assessing an individual’s or entity’s creditworthiness or eligibility for products, services or loans.
• Consumer Credit Body (CRBs) mean agencies that collect and maintain consumer credit information in Australia such as Equifax, NCI, illion Australia, Creditor Watch and Experian.
• Privacy Act means the Privacy Act 1988 (Cth).
• Privacy Code means the Privacy (Credit Reporting) Code 2024.

We collect and hold the following types of Credit Information:

a. Current and prior names and addresses, age and occupation, (including employer details).

b. Driver’s licence number.

c. Details regarding applications for commercial credit including the type and amount of credit requested and the fact that we have assessed an application.

d. Details regarding the provision of credit, the amount and whether any other credit was previously provided.

e. The date that any agreement in relation to credit ceased or was terminated and the surrounding circumstances.

f. Repayment history.

g. Details regarding payment owed to us or any other credit provider, in connection with credit provided to you or in relation to which you are a guarantor, overdue for more than 60 days.

h. Whether in our opinion, or another credit provider’s opinion, you have committed a serious credit infringement.

i. Whether you have entered into arrangements with us or other creditors in connection with the credit provided to you.

j. Court proceedings information, personal insolvency information and credit related publicly available information.

k. Any information regarding your credit worthiness.

l. Any administrative information about credit accounts of yourself and your related bodies corporate.

Our usual practice will be to collect Credit Information from you (or your authorised representative) directly and with your written consent. 

In some circumstances, we may collect Credit Information from a third party. This may include the collection of Credit Information from a CRB.

As indicated above, we will endeavour to obtain your written consent regarding the collection and further disclosure of Credit Information from and to a CRB. 

It may be necessary for us to collect your Credit Information for a specific purpose such as an investigation of a complaint.

We may be required to in some circumstances, if you fail to meet payment obligations or commit serious credit infringement to disclose your Credit Information to a CRB.

We will attempt to use the Credit Information we collect and hold for the primary purpose(s) in respect of which it is collected.

We will hold the Credit Information in a manner which is secure and protected from unauthorised access.

Your information may be held in either a physical form or in electronic form on our IT system.

We take steps to protect the information against the modification, disclosure or misuse by including such things as password protection for accessing electronic IT systems and physical restrictions. We will also take steps to ensure our service providers have protection for electronic IT systems and other necessary restrictions.

We will endeavour to ensure that our relevant staff are trained about the security of the Credit Information we hold and we will restrict any access where necessary.

Once information is no longer required, we will take reasonable steps to either destroy or de-identify the Credit Information in a secure manner.

In the event we hold Credit Information that is unsolicited and we were not permitted to collect it, the Credit Information will be destroyed as soon as practicable.

We may collect, hold, use and disclose your Credit Information as reasonably necessary so that it may be used directly for our functions or activities and as permitted by law.

We may use your Credit Information for our functions or activities to:
a. consider whether to provide you or a related entity with credit, or accept you as a guarantor; and

b. consider your credit worthiness when making decisions with respect to your application;

c. provide information to CRB’s and participate with other the credit reporting system recognised by the Privacy Code;

d. take debt recovery action and enforcement where necessary to recovery amounts against guarantors or where infringements have occurred; e. detecting and preventing fraud, financial crime and identity theft;

f. consider and address any complaints and comply with our statutory requirements.

Disclosure to CRBs As indicated above, we may disclose Credit Information to a CRB in accordance with the permitted disclosures as defined under the Privacy Act, including instances where you fail to meet your payment requirements, and you commit a serious credit infringement.

We may disclose your Credit Information to the following CRBs listed below:

A copy of the credit reporting Policy for the CRBs listed above will be available on their website or will be provided in hard copy upon request.

A CRB may use your Credit Information to assist with our marketing by “pre-screening” for direct marketing.

We are unable to use your Credit Information for direct marketing, however a CRB may be able to “pre-screen” you and provide you with an opportunity to opt out of direct marketing.

You can tell the CRB that you do not want your Credit Information used for this purpose

You are entitled to also place a 21 day ban on the sharing of your Credit Information, if you believe you have become a victim of credit fraud.

Disclosure of your Credit Information to other recipients

We may choose to, if permitted by law, share and/or disclose your credit information with third parties including:

a. other credit providers; and

b. our related companies;

c. debt collection organisations;

d. guarantors or security providers in relation to the credit we provide you; e. debt assignment organisations; 

f. credit insurers.

In some instances, we will require your written consent prior to making such disclosures. We typically obtain this consent in terms of our credit application or via our Privacy Policy.

You are entitled to access your Credit Information held in our possession.

We will endeavour to respond to your request for Credit Information within a reasonable time period and as soon as practicable in a manner as requested by you. We will normally respond within 30 days.

You can make a request for access by sending an email or letter and addressed to our Privacy Officer, details specified below.

The Privacy Officer 
Coates Hire Operations Pty Limited
Level 1, 201 Coward Street, MASCOT NSW 2020
E-mail: privacy.officer@coates.com.au

With any request that is made we will need to authenticate your identity to ensure the correct person is requesting the information.

You will only be granted access to your Credit Information where we are permitted or required by law. We are unable to provide you with access that is unlawful.

We will not charge you for making an access request, however if reasonable we may charge you with the costs associated with your access request.

In the event your access request is refused we will provide you with written notice regarding the refusal and reasons for our decision.

Should we hold Credit Information that is incorrect, you have the right to make us aware of this fact and request that the incorrect information be corrected. If you would like to make a request to correct your information, please contact our Privacy Officer on the details provided above.

In assessing your request, we will need to be satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading. We will then take all reasonable steps necessary to ensure that it is accurate, up to date, complete, relevant and not misleading.

It is our normal request to try and resolve any correction requests within 30 days. If we require further time, we will notify you in writing and seek your consent. If we do not agree to correct your Credit Information as per your request, we will notify you in writing and provide you with our written reasons for the refusal.

We will endeavour to keep a record of where all Credit Information is used or disclosed.

The types of matters recorded by us include the following.

a. Where we have received Credit Information from another credit provider:

i. the date in which it was disclosed; and

ii. a brief description of the information disclosed;

iii. to whom the disclosure was made.

b. Records of any consent provided by an individual for purposes of disclosure.

c. Records of any correspondence and actions taken in relation to notifications or corrections, complaints, pre-screening, monitoring and auditing.

We will maintain our records for a minimum period of 7 years.

In the event that you wish to make a complaint about a failure of us to comply with our obligations in relation to the Privacy or the Privacy Act please raise this with our Privacy Officer on the contact details above. 

We will provide you with a receipt of acknowledgment as soon as practicable. We will then endeavour to respond to your complaint and attempt to resolve the issues within 30 days, unless otherwise specified.

In dealing with your complaint, we may need to consult a CRB, or another credit provider, or a third party.

If we fail to deal with your complaint in a manner that you feel is appropriate you may choose to report your complaint to an external dispute resolution scheme (EDR Scheme).

If you are not satisfied with the process of making a complaint to our Privacy Officer, you may make a complaint to the Information Commissioner. Details of which are below.

Office of the Australian Information Commissioner 
GPO Box 5218 Sydney NSW 2001 
Email: legal@oaic.gov.au 
Telephone: 1300 363 992

The Information Commissioner can decline to investigate a complaint on a number of grounds including:

a. where the complaint wasn’t made at first to us;

b. if the Information Commissioner considers the complaint has already been dealt with by a recognised EDR Scheme; or

c. if the complaint would be more effectively or appropriately dealt with by a recognised EDR Scheme of which we are a member.

We may choose to, if permitted by law, share and/or disclose your Credit Information with recipients outside of Australia. We are required to notify you with a list of any countries which Credit Information may be transmitted to, or disclosed. At this point in time, we do not share and/or disclose any Credit Information to overseas recipients.

If you have any queries regarding our credit reporting Policy or wish to find out more regarding any of our privacy policies, please contact our Privacy Compliance Officer on the details listed above.