Privacy Policy

In this Privacy Policy when we mention personal information we are referring to any information which can, directly or indirectly, be used to identify you. Names, addresses, date of birth, personal identification numbers, location data and other online identifiers (such as email addresses) are examples of personal information.

Personal Information We Collect From You

When engaging with you  to deliver our services we will ask you to provide certain personal information to enable us to facilitate and provide our services. We may also collect personal information when you make an enquiry or a request to us or when you otherwise interact with us generally (such as by telephone or videoconference, in person, in interviews or by email).

The types of the personal information (including sensitive information) that we may collect about you includes:

(a) your name and role/responsibilities in the business;

(b) your (and/or individual employee) contact details (full name, email address, telephone number, billing address);

(c) your business’ Australian business number (ABN);

(d) login and account information (which is stored in an online secure password platform to access your online lender portals); and

(e) banking information

Personal Information We Collect From Website Visitors

If you contact us through a Website we will collect your name, email address, phone number and any further personal information you choose to provide to us via the contact form on the Website.

Personal Information We Collect From Your Client

In order for us to undertake the processing and provide our services to your clients, we will collect your clients personal information (including sensitive information) in accordance with this Privacy Policy.

For example, as our client, you may collect identification information about your client and/or information about their personal and financial circumstances in order to provide them with a service (e.g. mortgage broking) and as our client, you are likely to provide some of this personal information about them to us to perform our services for you and subsequently them.

Why we use your personal information

As our client we will only use and disclose your personal information:

(a) to provide you with our services;

(b) to provide technical support or responding to your general queries and enquiries;

(c) for our internal research and statistical purposes;

(d) to market our services to you;

(e) and verify and authenticate payments to us; and

(f) for other purposes are required or authorised by law.

We will only use your clients personal information as provided to us by you to provide our services for their processing.

Disclosure of Your Personal Information

In providing our services we use a number of third party tools including:

(a) Microsoft OneDrive, Teams and SharePoint;

(b) LastPass

(c) ActivTrak

We use industry best practice processes and take all reasonable steps to protect personal information that we hold from misuse, interference and loss; and unauthorised access, modification or disclosure.

The reasonable measures we take to secure your personal information include:

(a) Use of LastPass, a secure password vault to ensure login and data security.

(b) Analytics and user activity monitoring software is used to track and collect employee’s real time actions and behaviour data.

(c) Regular back up of information to a secure cloud location stored in Australia.

(d) Use of retention policies on all Exchange and SharePoint Online services to retain all deleted data for a period of 7 years. The backup runs 4 times a day at 3am, 9am, 3pm and 9pm.

(e) DLP policies in place to warn users when they are sharing personally identifiable information (e.g. credit card, bank accounts) with external parties.

(f) Retention policies have been put in place to retain deleted data for a period of 7 years.

How to request access to personal information that we hold for your client

Subject to certain exemptions and evidence of your client's identity, your client has the right to request access to their personal information that we hold at any time by contacting us.

Following their request we will provide them with the personal information requested, unless we decide to withhold access to the personal information (in which case we will notify them of the reasons for such withholding).

While the above is applicable to your clients, it will most likely be more straightforward to obtain access to their personal information from you (i.e. the entity to which they originally provided their personal information).

How to request correction of your client's personal information that we hold

We request that you ensure that the information you provide to us on behalf of your client is accurate and to update any personal information with us as necessary.

If we correct personal information about your client that we previously disclosed to a third party, we will take reasonable steps to notify the third party of the correction and to request that they do the same.

It is recommended that your client corrects their personal information by making the request to you directly (i.e. the entity to which they originally provided their personal information).

We may use personal information collected from you for the purpose of providing you with direct marketing material; however, if you do not wish to receive such information you can request not to receive it. Simply contact us by any of the methods detailed in this document. There is no cost for this request, however, please allow two weeks for your request to be actioned. CLPC adheres to the Spam Act 2003 (Cth), accordingly, we will:

• Obtain your consent before sending an electronic message to you (this can be express or inferred);
• Provide sender identification (so that you know who sent the message); and
• Provide you with the option to unsubscribe

We will never use your client's personal information for marketing or any purpose other than to provide services to you for their processing.

When you visit our website, details may be recorded about your visit, such as time and date, server address, pages accessed, time spent and type of browser. This information is used in an anonymous form for statistical purposes and as such cannot identify you individually. We may use cookies to identify your browser so that next time you visit our website we remember your log in details. A cookie is a small file which remains on your computer and contains information enabling CLPC’s website to recognise your browser. If you do not wish to permit the use of cookies, you can adjust the settings on your browser to reject cookies or notify you when they are being used.

Our Website uses ‘Google Analytics’, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and web page usage.

You can customise or opt out of Google Analytics for display advertising using the ads settings for your Google account.

However, this information we collect about you is not personal information. We do not link the anonymous information to any personal information and we will not link a record of your usage of our Website to you.

Our website may have links to external third-party websites that may benefit the user. External websites should contain their own privacy statements and we recommend you review them when using their websites. Please note, however, that third party websites are not covered by our Privacy Policy and these websites are not subject to our privacy standards and procedures.

CLPC is committed to resolving your privacy complaint as quickly as possible and has robust internal complaints procedures in place to help resolve any problems or complaints efficiently.

We recognise that even in the best run organisations things can go wrong. If you have a complaint about privacy please contact us, as we’d like the chance to fix the problem.

We aim to resolve complaints as soon as possible. We will endeavour to provide our response within a maximum of 45 days; should it take longer we will seek your agreement to extend the timeframe.

If, after having raised the issue with us, you are still dissatisfied with the outcome, you are entitled to escalate the complaint to If you are not happy with the outcome of our investigation of your complaint, you may complain to the Office of the Australian Information Commissioner (OAIC) whose contact details (and further information) can be found at oaic.gov.au.