Privacy - ACL, AFSL, Wholesale
This bundle is designed to enable licensees to comply with their privacy and data breach notification obligations. The comprehensive policies and procedures comply with both the requirements of the Privacy Act 1988 (Cth), and with guidance provided by the Office of the Australian Information Commissioner.
The Privacy Policy Template sets out how licensees should collect, use and disclose personal information, and also covers data security arrangements and access requests. The Data Breach Response Policy sets out a 4-stage process for preparing an effective data breach response, including containment, assessment of the breach, notification obligations and a review process, to prevent future incidents.
There is a new Credit Information Policy, similar to the Privacy Policy and Collection Statement (Privacy Policy), that applies to both AFS and credit licensee holders.
Included documents
| Document | Version | Type | Date |
|---|---|---|---|
| Credit Information Policy - ACL, AFSL | 1.0 | Tool | 22 April 2024 |
| Data Breach Response Policy - ACL, AFSL, Wholesale | 3.1 | Policy | 6 Oct. 2023 |
| Privacy Management Policy - ACL, AFSL, Wholesale | 4.1 | Policy | 22 April 2024 |
| Privacy Policy and Collection Statement (Privacy Policy) - ACL, AFSL, Wholesale | 3.2 | Tool | 22 April 2024 |
| Data Breach Register - ACL, AFSL, Wholesale | 1.0 | Register | 1 June 2019 |
| Privacy Access Request Refusal Letter - ACL, AFSL, Wholesale | 2.0 | Tool | 17 Feb. 2022 |
| Role and Responsibilities of the DBRT Template - ACL, AFSL, Wholesale | 1.0 | Tool | 27 May 2020 |