Privacy

Leasexpress Privacy Policy

  1. Introduction
    1. In this Policy, Leasexpress, we, our or us is a reference to Lease Express Pty Ltd ACN 098 169 665.
    2. Personal information is any information about you where your identity is apparent, or can reasonably be ascertained, and may include Sensitive Information (defined below).
    3. Sensitive Information is information or an opinion about a person's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, sexual preferences, health or medical information or criminal records.
  2. What this Policy is about
    1. This Policy explains the key measures we have taken to implement the requirements of the Privacy Act 1988 (Act) and the Australian Privacy Principles. This Privacy Policy outlines the Personal Information collection practices utilised by Leasexpress, how that information is collected, used and disclosed and your rights in relation to your Personal Information.
    2. This Policy covers Personal Information collected directly from individuals, but also Personal Information which may be provided by your employer where Leasexpress manages a corporate fleet on behalf of your employer (Employer).
    3. We endorse fair information handling practices and uses of information in compliance with our obligations under the privacy laws in force in Australia from time to time. Any information provided, including identification of individuals, will be used only for the purpose(s) intended and where the intention includes confidentiality, information will be treated as such unless otherwise required by law.
    4. This Policy represents the default position that Leasexpress will take in its treatment of Personal Information. Leasexpress will treat all Personal Information in a manner consistent with this Policy unless you have provided your express consent otherwise.
    5. If there is any inconsistency between the Act and this Policy, this Policy shall be read and interpreted to comply with the Act.
  3. Collection of Personal Information
    1. Leasexpress collects the following Personal Information:
      • Personal Information about you, which you provide to us as a customer or prospective customer, which may include your name, address, and other contact details, together with financial information you provide to us, and details of your vehicle including its registration number;
      • Sensitive Information to the extent provided by you as part of applying to Leasexpress for the provision of a quote or services, or the ongoing management of your account with us;
      • Personal Information about our employees, contractors and job applicants, including name, address, contact details and work experience.
    2. Personal Information and Sensitive Information will be typically collected when provided directly to Leasexpress by you:
      • when you contact us through our website  www.leasexpress.com.au (Website);
      • when completing a request for quote or application form;
      • during phone calls or other communications between you and us;
      • when you create an account with us;
      • during the course of your contract with us including through the provision of vehicle service records and reports, insurance or other details;
      • when you provide us with feedback or complete a survey;
      • when you contact or communicate with us by any other means;
      however, Leasexpress may from time to time also collect Personal Information regarding you from your Employer.
    3. Our Website automatically collects anonymous usage data about visitors, including the URL that the visitor came from, the browser being used and the IP address. This data is utilised to improve the services of Leasexpress and does not include any personally identifying information.
    4. Leasexpress also reserves the right to collect anonymous usage data through other websites and online systems in order to provide its customers with a better user experience. This data does not include any personally identifying information.
    5. 'Cookies' are alphanumeric identifiers that are stored by the web browser on a computer's hard-drive that enable our system to recognise a visitor to our Website. This helps Leasexpress to track basic visitor information for the purposes of optimising the design of our systems and marketing activities.
    6. Most web browsers automatically accept cookies and this function can be disabled by changing the browser settings of the user.
    7. Please note that the Website contains links to other websites which are not hosted or operated by Leasexpress. Leasexpress is not responsible for the privacy policies of such other websites and you should independently review the privacy policies on such websites.
  4. Use of Personal Information
    1. Leasexpress uses Personal Information in the following ways:
      • to manage your account and contract with us;
      • for our own internal administration purposes;
      • to meet our regulatory obligations;
      • to provide to financiers as part of submitting credit applications for approval of your financing arrangements;
      • to insurers to obtain estimates and arrange insurance for you and your vehicle(s);
      • to fuel providers to allow such providers to issue fuel cards and otherwise provide fuel as part of your leasing or related Leasexpress package.
    2. We may also use Personal Information we collect for related purposes such as:
      • to record information about your usage, preferences and behaviour in relation our services, as well as any feedback provided by you;
      • when combined with the Personal Information of other customers (in which case such combined information will no longer personal) to analyse and develop products and services that suit our customers;
      • to perform statistical analyses of user behaviour;
      • to optimise marketing activities, user experience, and content;
      • protecting individuals, customers and employers from fraud; and
      • any other use for which we obtain permission from you.
    3. We do not pass on any Personal Information to a third party except in accordance with this Policy.
    4. As a user of Leasexpress's products or services, you may occasionally receive email, promotional material or other updates from us about new information, briefings or products or services being offered by Leasexpress or any of its related companies or business partners, along with newsletters and any noteworthy changes to the Website. You may always unsubscribe and opt out from receiving these messages.
  5. Disclosure of Personal Information
    1. Other than disclosure to service providers (explained below) or as required by law (for example, disclosure to various Government departments or to Courts), our policy is that we do not give Personal Information to other organisations unless we have disclosed the use in this Policy or you have expressly consented for us to do so.
    2. The parties we may share Personal Information with are employees, subcontractors, suppliers and affiliates of Leasexpress on a need to know basis to allow the provision of services to you as requested by you. Access to Personal Information by these people is subject to such people protecting your Personal Information to at least the degree set out in this Policy, and such access will be revoked within a reasonable timeframe of access no longer being required.
    3. Occasionally, Leasexpress might also use Personal Information for other purposes or share Personal Information with another organisation because:
      • we believe it is necessary to protect your rights, property or personal safety;
      • we believe it is necessary to do so to prevent or help detect fraud or serious credit infringements - for example, we may share information with other, credit reporting agencies, law enforcement agencies and fraud prevention units; or
      • we believe it is necessary to protect the interests of Leasexpress – for example, disclosure to a Court in the event of legal action to which Leasexpress is a party.
    4. When we share information with other organisations and service providers as set out above, we do so in accordance with this Policy. To the extent that these organisations and service providers gain access to Personal Information, their use is governed by the provisions of the Act.
  6. Confidentiality and Data Security
    1. All Personal Information collected is stored on secure servers in Australia.
    2. We take all reasonable steps to manage data stored on our servers to ensure data security and to prevent the loss, misuse or alteration of Personal Information.  Notwithstanding the above, Leasexpress is not responsible for any third-party access to Personal Information as a result of:
      • interception while it is in transit over the internet;
      • an unpatched vulnerability, a zero-day vulnerability, or an attack within 48 hours of a vendor releasing a patch or update;
      • spyware or viruses on the device (such as a computer or phone) from which you access our Website or otherwise contact us; or
      • as a result of your failure to adequately protect your user name or password (if applicable).
    3. Leasexpress is also not responsible for any losses, expenses, damages and costs, including legal fees, resulting from such third-party access.
    4. If we have reasonable grounds to believe that your Personal Information that we hold may be subject to unauthorised access or disclosure (eligible data breach), we will investigate and assess the suspected eligible data breach to determine whether the eligible data breach is likely to result in serious harm to you (Notifiable Data Breach). If a Notifiable Data Breach occurs then we will notify you and the Australian Information Commissioner as soon as practicable after we become aware of the Notifiable Data Breach in accordance with our obligations under the Act. We will comply in every way with our obligations under Part IIIC – "notification of eligible data breaches" of the Act.
  7. Retention and Disposal of Personal Information
    1. We will retain Personal Information for as long as is required for us to fulfil the purposes for which the Personal Information was collected, including where applicable to provide you with our services and to comply with legal requirements.
    2. If we no longer require Personal Information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or permanently de-identify the Personal Information.
    3. Personal Information is backed up frequently and tested regularly in line with Leasexpress's standard backup procedures. Personal Information that has been deleted may therefore persist within backups for a period of time after which it falls outside the backup rotation.
  8. Access to Personal Information
    1. You can access the Personal Information held about you at any time by contacting our Privacy Officer.
    2. We will always endeavour to meet requests for access. However, in some circumstances we may decline a request for access. This includes the following circumstances:
      • we no longer hold or use the information;
      • providing access would have an unreasonable impact on the privacy of other persons;
      • the request is frivolous or vexatious;
      • the information relates to existing or anticipated legal proceedings and would not normally be disclosed as part of those proceedings;
      • providing access would be unlawful;
      • providing access would be likely to prejudice the detection, prevention, investigation and prosecution of possible unlawful activity; and
      • the information would reveal the Employer's commercially sensitive information.
    3. If we decline a request for access, we will provide reasons for our decision when we respond to the request.
    4. We reserve the right to charge you a reasonable fee for access to your Personal Information. These charges will be limited to the cost of recouping our expenses for providing you with your Personal Information, such as document retrieval, photocopying, labour and delivery.
    5. Despite anything contained in this Policy to the contrary, if the Freedom of Information Act 1982 applies to a person on whose behalf we hold Personal Information, the access and correction requirements in the Act operate alongside and do not replace other informal or legal procedures by which an individual can be provided access to, or correction of, their Personal Information.
  9. Changing or deleting Personal Information
    1. We will take reasonable steps to ensure that Personal Information is accurate, complete and up-to-date at the time of collecting the Personal Information from you, using or disclosing the Personal Information, or during other interactions with you or suppliers in accordance with this Policy.
    2. If you believe that any Personal Information we hold about you is inaccurate, incomplete or out-of-date, you may contact our Privacy Officer.
    3. We will do our best to correct any Personal Information that is inaccurate, incomplete or out-of-date or dispose of it in accordance with this Policy.
  10. Contact Information and Changes to Privacy Policy
    1. If you have any further queries relating to Leasexpress's Privacy Policy, please contact our Privacy Officer. If Leasexpress becomes aware of any ongoing concerns or problems with your Personal Information, we will take these issues seriously and work to address these concerns.
    2. If you have a complaint in relation to the way your Personal Information has been handled by Leasexpress, the complaint should be made in writing to our Privacy Officer in the first instance. Leasexpress will investigate the complaint and prepare a response to you in writing within a reasonable period of time.
    3. Our Privacy Officer can be contacted by:
      Phone: (03) 9670 4840
      Email: privacy@leasexpress.com.au
    4. From time to time, our policies will be reviewed and may be revised. Leasexpress reserves the right to change this Policy at any time.

This Privacy Policy was last updated in April 2018.

Credit Reporting Policy

Overview

Lease Express Pty Ltd ACN 098 169 665 (Leasexpress) collects, holds and uses credit information about you in accordance with Part IIIA of the Privacy Act 1988 (Cth) (Act) and the Privacy (Credit Reporting) Code 2014 (Cth) (Code).

This Credit Reporting Policy explains how Leasexpress manages your credit information and is to be read in conjunction with Leasexpress' Privacy Policy (Privacy Policy).

What is credit information?

Pursuant to the Act and the Code, credit information includes any of the following information:

  • identification information about you;
  • consumer credit liability information about you;
  • repayment history information about you;
  • a statement that an information request has been made in relation to you by a credit provider, mortgage insurer or trade insurer;
  • the type of consumer credit or commercial credit and amount of credit sought in an application made by you to a credit provider and in connection with which a credit provider has made an information request in relation to you;
  • default information in relation to you;
  • payment information about you;
  • new arrangement information about you;
  • court proceedings information about you;
  • personal insolvency information about you;
  • publicly available information as to your credit worthiness (subject to some exceptions); and
  • a credit provider's opinion that you have committed a serious credit infringement in relation to consumer credit provided by the credit provider to you.

What information does Leasexpress collect and how this information is collected

Leasexpress collects credit information that you provide directly to Leasexpress through the methods set out in our Privacy Policy.

How does Leasexpress hold this credit information?

Once collected, Leasexpress holds credit information in accordance with the Act and the Code. To protect the credit information held by Leasexpress, it is stored on secure servers in Australia.

Leasexpress takes all reasonable steps to manage data stored on these servers to ensure data security and to prevent loss, misuse, or alteration.

How does Leasexpress use this credit information?

Leasexpress will only disclose your credit information in accordance with our Privacy Policy.

Leasexpress uses your credit information to provide that information to financiers as part of submitting credit applications for approval of your financial arrangements.

Leasexpress does not pass on any credit information to a third party for the purposes of direct marketing.

Access to credit information

You may request access to your credit information (Access Request). To make an Access Request, please contact Leasexpress using the contact details at the bottom of this Credit Reporting Policy.

If you make an Access Request, Leasexpress will provide you with access to your credit information unless the access falls within a relevant exception under the Act.

In order to provide you with access to your credit information, you will need to provide sufficient identifying information to Leasexpress as Leasexpress must be able to verify your identity and protect the security of the information.

Leasexpress will respond to your Access Request no more than 10 days after it has been made.

Generally, Leasexpress will not charge you for access to your credit information. However, in some circumstances, Leasexpress may charge a reasonable administrative fee to cover the costs of granting access to your credit information.

Your right to request a correction to the credit information Leasexpress holds about you

If you believe that the credit information that Leasexpress holds about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, you may request a correction to that information (Correction Request). To make a Correction Request, please contact Leasexpress using the contact details at the bottom of this Credit Reporting Policy.

If you make a Correction Request, Leasexpress will respond to your request within 30 days (or such longer period as you may agree).

If Leasexpress is satisfied that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, Leasexpress will correct that information and inform you and each credit provider or credit reporting body to which Leasexpress has previously disclosed that information that your credit information has been corrected, unless it is impracticable or unlawful to do so.

Victim of fraud

If you believe on reasonable grounds that you have been or are likely to be a victim of fraud, you may request that Leasexpress commence a 21 day ban period in which Leasexpress will refrain from using or disclosing your credit information without your express written consent.

Complaints

If you wish to make a complaint about the way Leasexpress manages your credit information, please contact Leasexpress using the contact details at the bottom of this Credit Reporting Policy.

Leasexpress will acknowledge your complaint in writing within 7 days of the complaint being made and set out how Leasexpress will deal with your complaint. Your compliant will then be investigated. In investigating your complaint, it may be necessary for Leasexpress to consult with other credit reporting bodies or credit providers to which Leasexpress has already disclosed your credit information.

A decision will be made in relation to your complaint and you will be provided written notice of the decision within 30 days of the complaint being made (or such longer period as you may agree).

Contact

Our Privacy Officer can be contacted by:
Phone: (03) 9670 4840
Email: privacy@leasexpress.com.au

Changes to Credit Reporting Policy

From time to time, our policies will be reviewed and may be revised. Leasexpress reserves the right to change this Credit Reporting Policy at any time.

This Credit Reporting Policy was last updated in June 2017.