Privacy and Security Policy


This policy has been developed to appropriately acknowledge the importance of, and assist in providing a framework for, the appropriate level of protection for consumer identification and credit information protection.  The policy represents Cash Today Pty Ltd‘s commitment to compliance with the privacy laws and privacy code obligations.

Concerning the collection, holding, use and disclosure of credit related personal information

We provide this policy in accordance with the Privacy Amendment (Enhancing Privacy Protection) Act 2012, hereafter referred to as the Privacy Act, detailing the lawful approach we take in the collection of information in our role as credit providers and/or lessors and in regard to the management and use of all information collected from our potential customers and actual customers, and all subsequent dealings with customer/consumer representatives, credit reporting bodies, and other entities listed in this policy.


In the course of our business, we provide consumer credit, as defined in Section 6(1) of the Privacy Act. This credit being provided wholly or primarily for personal, family, or household purposes and, as a matter of business policy – no other use.
In the course of our business we seek to establish your credit worthiness.  That means:

  • your eligibility to be provided with consumer credit;
  • your history in relation to consumer credit; and
  • your capacity to repay an amount of consumer credit.

The kinds of credit information we collect and hold

In accordance with the industry’s mandatory Credit Reporting Privacy Code, Obligation 5.1, we collect and hold credit reporting information, credit identification information, credit capacity information and personal information collected and held under Section 18 of the Privacy Act prior to 12 March 2014 and, thereafter, under PART 111A of the Privacy Act.

Where personal information concerning an overdue payment is held and, where information concerning this overdue payment is presented to a credit reporting body, the amount overdue will be a minimum of $150.

In accordance with Section 6 of the Privacy Act, we may collect and hold the following personal information:

  1. identification information;
  2. consumer credit liability information;
  3. repayment history information;
  4. a statement that an information request has been made to a credit reporting body, by a credit provider, in relation to your application for credit;
  5. the type of consumer credit or commercial credit, and the amount of credit sought in an application that you have made to a credit provider, in connection with which that credit provider has made an information request concerning you;
  6. overdue and default information concerning your current and/or previous loans;
  7. payment information about you, including information concerning late payments;
  8. information about new arrangements you may have made involving an existing credit contract;
  9. court proceedings (civil) information about you;
  10. personal insolvency information about you, as included on the National Personal Insolvency Index, which relates to bankruptcy, debt agreements, personal insolvency agreements and Sections 50 and/or 188 Bankruptcy Act directions and/or authorities;
  11. publicly available information concerning your activities in Australia and your credit worthiness, including information recorded on the National Personal Insolvency Index;
  12. any opinion that we might reach that you have committed a serious credit infringement in relation to consumer credit we have provided to you, with the circumstances specified on the file; and
  13. unsolicited information that we may deem relevant to keep on file.

Explanation of some of the key elements listed above is as follows.

Identification information about you

To assist in protecting you against identity theft and to assist in reducing the opportunity for fraud, we may ask you for some or all of the following identification information:

  • your full name;
  • any alias or previous name/s;
  • date of birth;
  • sex;
  • current address;
  • 2 previous addresses (if any);
  • name of current employer; or
  • name of last known employer; and
  • driver’s licence number.

Consumer credit liability information

We collect and hold consumer credit liability information, including:

  • the name of the credit provider;
  • whether or not the credit provider holds an Australian Credit Licence;
  • the type of consumer credit;
  • the day on which the consumer credit was entered into;
  • the terms or conditions of the consumer credit which relate to the repayment of that credit and anything that may be prescribed by regulation;
  • the maximum amount available under the consumer credit; and
  • the day on which the consumer credit is terminated, or otherwise ceases to be in force.

Repayment history information

If and when we provide consumer credit to you, the following information about you as a consumer may be collected and held:

  • whether or not you have met monthly repayment obligations;
  • the date on which the monthly payment is due and payable; and
  • if you make payments after the due and payable day, the day on which you actually made the payment.

Overdue and Default information

We collect and hold information about any payment that is overdue and, under Section 88 of the National Credit Code, Regulation 86 of the National Consumer Credit Protection Regulations 2010 and Section 6Q of the Privacy Act, that:

  • you are overdue in making the payment;
  • you have received a written notice from us advising you of the overdue amount and requesting payment of the amount;
  • the Statute of Limitations does not prevent us from recovering the amount; and
  • where the amount overdue is $150 or more, it is sufficient to list on your file with a credit reporting body.  Any amount will be listed on the file we maintain concerning your identification and credit information.

Court proceedings

We may collect and hold information that is given or made against you in civil court proceedings that relate to any credit that has been provided to you, or for which you have applied.

How we collect credit information

We collect credit information from 6 possible sources:

  • from you;
  • from the documentation we request and you provide;
  • from credit reporting bodies;
  • from people or organisations you permit us to contact, to verify your credit relevant details;
  • from other credit providers; and
  • from information about you publicly available, including court and tribunal reports and decisions.

Please note, depending on circumstances, we may choose not to seek information from all these sources to assess your credit application.

How we hold credit information securely

In all circumstances, we take reasonable steps to protect your information from misuse, loss, interference, unauthorised access, modification or unauthorised disclosure.   We choose not to provide further detail, for security reasons.  Further protection detail can be provided to you verbally, on request.

The kinds of credit eligibility information that we hold

This is credit reporting information and CP derived information about you that may be disclosed to us by a credit reporting body, under Division 2 of Part 111A of the Privacy Act.

How we hold credit eligibility information

Hard copies are held in a locked environment, with other security protection after business hours and electronic copies are held in a secure environment, with the application of appropriate passwords and other computer and software security techniques.

The credit reporting body

We provide information to and request information from Veda, a credit reporting body.  If you have a need to contact that body, the contact details are:

Telephone: 1300 762 207

You may contact the credit reporting body if:

  • you believe that the information they have on their file about you needs amendment or correction; and/or
  • you want the body to hold off disclosing any information from the their file about you because, on reasonable grounds, you believe that you have been, or are likely to be, a victim of fraud; and/or
  • you do not want the body to use their credit reporting information for the purposes of pre-screening for direct marketing by a credit provider.

Notifiable matters

From time to time we may have notifiable matters we wish to communicate to you.  A brief description of these notifiable matters, if any, and information on our credit reporting, is included on our website.  At any time you may request a hard copy, or emailed copy, of the notifiable matters from time to time included on our website.

Transfer of information between us and Veda, the credit reporting body
This information transfer is permitted under Division 2 of Part 111A of the Privacy Act 2012.  The information involved is the credit-related personal information that a credit reporting body may provide about you, to assist us to assess your credit worthiness.  This information is relevant for use in establishing your eligibility for consumer credit.

Please note that the company may contract with Veda to have part or all of this information provided, from time to time, in accordance with company policy.  This information has been provided to Veda by credit providers with whom you have had contact, and includes:

  • information about you after you turned 18, except identification information;
  • credit applied for and/or supplied in Australia;
  • your repayment history; and
  • any default information.

If we provide a loan to you and you fail to meet your repayment obligations, or commit a serious credit infringement, we may be entitled to disclose this to the credit reporting body and it will be included on the file they hold about you.

The purposes for which we collect, hold, use and disclose credit information and credit eligibility information

The consumer credit-related purposes for which we collect, hold, use and disclose information are:

  1. to assess your application to us for consumer credit; and
  2. to collect payments that are overdue in relation to consumer credit we may have provided you; and
  3. to collect payments that are overdue in relation to consumer credit provided by another credit provider, under a credit contract that has been assigned to us by that other credit provider [in accordance with Sub-sections 6K(2) and (3)].

In accordance with section 21M, we will disclose relevant and permitted information to debt collectors.

Use of credit eligibility information

In accordance with Section 21G, we use credit eligibility information for the following purposes:

  1. credit related purposes involving you; or
  2. permitted reporting of information to a credit reporting body; or
  3. in connection with what we reasonably believe is a serious credit infringement that you may have committed; or
  4. for a use prescribed by a court, or tribunal, or regulations.

We will disclose this information to:

  1. credit bodies;
  2. a company related to us;
  3. a person responsible for processing your credit application; or
  4. a person who manages our credit contracts; or
  5. another credit provider, if we reasonably believe that you have committed a serious credit infringement; or
  6. the external dispute resolution scheme we subscribe to; or
  7. as authorised under Australian law, regulation, court or tribunal.

In accordance with Section 21N of the Privacy Act, we may disclose information to an approved entity seeking participation in an assignment of your debt, or purchase of our business.  Should the transaction proceed, you will be informed in writing, in accordance with Obligation 13 in the Credit Reporting Privacy Code and all our rights will be transferred to the acquirer, in accordance with Section 6K of the Privacy Act.

How you may access credit eligibility information that we hold about you

First contact the Privacy Compliance Manager, email , or P.O Box 471, Nerang. 4211. Queensland., or fax no. (07) 30090355

In accordance with Section 21T and Code Obligation 19, at your request, we will:

  • give you access to any credit information we hold about you;
  • respond to your request within a reasonable period and provide the access within 30 days of your request;
  • provide the information in a clear manner and provide reasonable explanations and summaries of the information, to assist you to understand the impact of the information; and
  • deny access, only if such would be unlawful, required under Australian law, or by a court or tribunal, or would prejudice an official enforcement body investigation.

A fee of $15 will be charged for access to your information, to reflect company administration costs.

Following your successful request, access will be provided by the Privacy Compliance Manager, who will facilitate the provision of a printout of your information stored in the company’s Specialist Lending System.  This printout can be provided by email, or by post, as may be requested.  Any denial of access will be in writing, with the reason/s explained and details of the company’s internal disputes resolution process, relevant external resolution scheme and the Office of the Australian Information Commission, to which you may lodge a complaint if not satisfied with the company’s explanation.

How you may seek the correction of credit information and credit eligibility information that we hold

Once you have inspected the personal credit information we hold on file about you, you may inform our Privacy Compliance Manager if you have discovered any information that is inaccurate, out-of-date, incomplete, irrelevant or misleading.

The Privacy Compliance Manager will be pleased to amend the file within 30 days but, in most cases, will require appropriate evidence from you to support your request.  Please note that, in the exercise of this correction duty, the Privacy Compliance Manager is lawfully entitled to consult with a credit reporting body and/or another credit provider.  You, and any entity consulted in the process, will be informed in writing of any correction.

How you may complain about our failure to comply with this Division, or the relevant registered CR code

There are 3 ways you may complain:

  1. Verbally, or in writing, to our Privacy Manager.
  2. If you are not satisfied with the Privacy Manager’s response, you can complain verbally or in writing to our Internal Disputes Resolution Manager.
  3. If you are not satisfied with the Internal Disputes Manager’s response you can lodge a complaint either with the Privacy Commissioner, at the Office of the Australian Information Commission, contact details -Office of the Australian Information Commission
    GPO Box 5218
    Sydney  NSW  2001
    Phone: 02 9284 9753
    Enquiries: 1300 363 992

    With the external disputes resolution scheme of which we are a member, contact details:

    Credit Ombudsman Service Ltd
    PO Box A252
    Sydney South  NSW  1235
    Phone: 02 9273 8400
    Fax: 02 9261 2798
    There is no charge for lodging a complaint.

How we will deal with such a complaint

We will write to you acknowledging receipt of the complaint.  After appropriate investigation, the Privacy Manager will write to you as soon as practicable after a decision has been reached, outlining the decision and the reasons for reaching it.

We do not disclose credit information, or credit eligibility information, to entities that do not have an Australian link.